.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Easy Web
Imran Ghani
Post New Web Links

WCF with WSHttpBinding on NetScalar - Security negotiation Issue.

Posted By:      Posted Date: September 22, 2010    Points: 0   Category :WCF
 

Hi Gurus,

 

We have a WCF Service with *wsHttpBinding* and consumed by our windows application. This application consumes other services (asmx) too.

 

In Production we deployed this WCF Service on 3 machines. Service is working perfectly when under software NLB for load balancing.

 

Recently, our production environment has changed the Load balancing technique with *Citrix NetScalar* for VMs.


View Complete Post


More Related Resource Links

WCF The Security Support Provider Interface (SSPI) negotiation failed

  

I am using a wcf service that I created, when both hosting machine and the client machine are on the same domain everything works just fine. When I publish the client app to the webserver in the DMZ I am getting the following error:

SOAP security negotiation with 'http://10.0.0.14:3790/Bullfrog/QBService/QBService' for   
target
'http://10.0.0.14:3790/Bullfrog/QBService/QBService' failed. See inner exception  
for more details.The Security Support Provider Interface (SSPI) negotiation failed.


Here is my service main where I set up the service


   

 Uri baseAddress = new Uri("Http://10.0.0.14:3790/Bullfrog/QBService");
      ServiceHost selfHost = new ServiceHost(typeof(QBService), baseAddress);

            try
            {
                selfHost.AddServiceEndpoint(
                    typeof(IQBService

Security negotiation failed because the remote party did not send back a reply in a timely manner. T

  

 


Dear All i have created one simple service

like this

namespace WcfService2
{
        public class Service1 : IService1
    {
        public string ShowEmpName(string strFirstName, string strLastName)
        {
            return strFirstName + strLastName;
        }
    }
}




after executing in .net command promt i got 2 files

service.cs & output.config


after that i create one class file like this


namespace WcfService2
{
    public class clientcs
    {

        static void Main(string[] args)
        {
            Service1Client client = new Service1Client();
            string strResult = client.ShowEmpName("Pradeep", "Deokar");

WCF Rest Security Issue

  
I have developed a wcf Rest application and I have prepared a web client in which I am using simple javascript embed over html pages now I want to implement some security to my pages how can I do so can any one explain me. I am not using asp.net as client. I am trying to implement some security to secure my data but I am not able find the way to do it.

An exception occurred when trying to issue security token: The trusted login provider did not supply

  
We are facing the issue after got authenticated by OpenID and forwarded back to Sharepoint, it crashed at the /_trust/ page the error "Operation is not valid due to the current state of the object." and event log shows this:   "An exception occurred when trying to issue security token: The trusted login provider did not supply a token accepted by this farm... "    

Secure channel cannot be opened because security negotiation with the remote endpoint has failed

  
Please help me to pinpoint what's wrong with the configurations. CoreClient client = new CoreClient(); client.ClientCredentials.UserName.UserName = "test"; client.ClientCredentials.UserName.Password = "test"; string msg = client.SayHello(); //==== ERROR Happens here Error message: Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint. Configurations: Host: <behaviors> <serviceBehaviors> <behavior name="DefaultBehavior"> <serviceMetadata httpGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="false"/> <serviceCredentials> <serviceCertificate findValue="MyServerCert" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/> <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Promotion.Services.UsernameValidator, LibraryIIS" /> </serviceCredentials> </behavior>

Is BasicHttpBinding/WSHttpBinding + Windows Authentication + Message Security possible without serve

  

Hi Folks,

I need to deploy a WCF service hosted in IIS 7.5 which has the following constrains:

1) Using Windows Authentication
2) No server or client certificate is needed
3) Using either BasicHttpBinding or WSHttpBinding
4) Using Message Security, so that it is not possible to monitor the communication maliciously. (I think Transport Security is not possible without server certificate)

Is it possible to fullfil the above requirements simultaneously? Thanks for the reply in advance. I'll appreciate it:)

Zhiliang


wsHttpBinding with Windows Authentication and Message Security

  

Hello,

I want to accomplish wsHttpBinding with Windows Authentication and Message Security. I've created a test service and deployed on Windows Server 2008 and IIS 7.5.

The virtual directory has been assigned a application pool running under custom account domain\username. Only
Windows Authentication is enabled on the virtual directory ( i DONT want anonymous access enabled).

I keep getting this error "Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service."

Below is my server config file. I've followed  instructions at http://msdn.microsoft.com/en-us/library/ff650619.aspx

 <wsHttpBinding>
        <binding name="NewBinding0">
          <security mode="Message">
            <transport clientCredentialType="Windows"></transport>
          </security>
        </binding>
  </wsHttpBinding>
  

Possible security issue with .NET framework and web services

  

We have a web service that runs fine on our Windows Server 2008 R2 test system.

However, it does not work on a production machine at a customer site.

It is installed using:

  • WISE installer 32 bit
  • .NET 2.0 Framework
  • Machine has UAC disabled

Some observations:

  • Communication between client and server seems to work fine
  • Can't write to c:\ProgramData
  • Can't connect to database using ODBC connector.
  • Can't log messages to the Windows Event Log (we get an exception that we don't have privileges)

This makes us suspect security settings on the machine. Enabling trace logs on the ODBC Manager shows no errors. The Windows Event Viewer doesn't indicate any problems.

Can anyone suggest what is wrong? Is there a tool we can use to discover the source of the problems.


Security Validation / Silverlight issue?

  
When Security Validation is turned off on a 2010 web application, the Silverlight menus break in that web app.  Why is that?  I've seen it across many farms, so I know it's an issue.

How to setup WCF with wsHttpBinding, Transport Security with x509 certificate behind a load balancer

  

I'm having a difficult time setting up this WCF Service with wsHttpBinding, Transport Security, x509 and, the key part, the Load Balancer (F5). This all works without a problem in our Dev environment but as soon as I put it behind the F5 it fails giving me this message:

System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'servicechannelcert'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

Is there any additional setup I need to do in IIS or the Load Balancer to handle these requests?

configuration files:

<binding name="wsHttpTransport">
 <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
  maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
 <security mode="Transport&

IIS hosted nettcpbinding security issue

  

Hi,

I have hosted my service in IIS with nettcpbinding and IIS set to Windows auth and Anonymous is disabled. when i browse svc file i get error "security setting of service required anonmous but is not enabled on iis application site".

when i use below config file, i get this error. But when i use second config setting, i don't get this error. I am not able to figure out the diffference in 2 config files.

1.  (this setting doesn't work)

<system.serviceModel>
<behaviors>
   <serviceBehaviors>
    <behavior >
     <serviceMetadata httpGetEnabled="false" />

IIS hosted nettcpbinding security issue

  

Hi,

I have hosted my service in IIS with nettcpbinding and IIS set to Windows auth and Anonymous is disabled. when i browse svc file i get error "security setting of service required anonmous but is not enabled on iis application site".

when i use below config file, i get this error. But when i use second config setting, i don't get this error. I am not able to figure out the diffference in 2 config files.

1.  (this setting doesn't work)

<system.serviceModel>
<behaviors>
   <serviceBehaviors>
    <behavior >
     <serviceMetadata httpGetEnabled="false" />

WCF Exceptions - Time Out and Security Negotiation

  

Hi All,

I am working on an application and am stuck on a snag here, hopefully someone with a geeky mind than mine could pull me off from this.

Basically the scenario is there is Windows Workflow set on a SharePoint Doc Library, which runs on any new item created. The workflow communicates with a WCF Webservice to associate Metadata to the new item created.

So when a new item is created, the workflow runs and talks to the WebService, which in turn returns the associated Metadata information from queries running on an oracle database.

I am pretty sure that my WCF Webservice has throttling set and I will probbaly start there.

Here are a couple of exceptions being thrown:

Error1:

The request channel timed out while waiting for a reply after 00:02:00. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding.

Error2:

Client is unable to finish the security negotiation within the configured timeout (00:02:00).  The current negotiation leg is 1 (00:02:00).

 

I am starting to look into the WCF Throttling settings and see if that would help me out in my quest. But anyone out there who has experienced these issues and resolved them without comprising performance (by increasing the TimeOut in Bindings), would be greatly appreciated, if they could share

SharePoint 2010 Security (Prompts for Login) Issue with SSRS report with Out of Box Web Part

  

Hi All,

I have a SSRS Customized Report (.RDL). I have a web part with association on one of the report. When I try visit the page I am prompted for credenatial.

My Data Source Properties are as per below

Use this user and Password

  user name: domain\myadminuser

  password:****

Selected: use as win auth

Selected: Impersonate

 

How Can I get rid of prompt?

 

 

 

 


Pathik

SharePoint 2010 Security (Prompts for Login) Issue with SSRS report with Out of Box Web Part

  

Hi All,

I have a SSRS Customized Report (.RDL). I have a web part with association on one of the report. When I try visit the page I am prompted for credenatial.

My Data Source Properties are as per below

Use this user and Password

  user name: domain\myadminuser

  password:****

Selected: use as win auth

Selected: Impersonate

 

How Can I get rid of prompt?

 

 

 

 


Pathik

Issue with Code Access Security Policy - deploying a third party dll to bin

  

Okay, i think most of you guys out there use wspbuilder to build the wsp solutions and to deploy it. So here is my problem.

I'm working on a SharePoint solution which makes use of a third party dll (Telerik for Asp.Net Ajax - Telerik.Web.UI.dll) for rich experience. Since Telerik dll is a common assembly i have to deploy it to the bin folder of the webapplication instead of GAC. So here comes the problem.

WSPBuilder automatically deploys the dll to gac if the dll presents in the GAC folder. To deploy the telerik dll in bin i created the folder 80\bin and copied the dll there. I tried to build the wsp again and then went through the manifest.xml created. Great. The deployment target for the dll changed to WebApplication and wspbuilder was smart to create the cas policy itself.

<CodeAccessSecurity>
		<PolicyItem>
			<PermissionSet class="NamedPermissionSet

An exception occurred when trying to issue security token: The security token username and password

  

Hi,

  I get a problem authenticating people in Sharepoint 2010 LDAP provider.

  Right now, I can successfully config the central admin for LDAP provider, (I can search people that in LDAP server,assign ldap people without problem). Also I can search LDAP people in my site. Then I tried to login using ldap username and password, it shows "An exception occurred when trying to issue security token: The security token username and password could not be validated.."

  First, I thought maybe there were some typo in my site web.config, so I enabled the windows login, log into my site using my windows account, there, I can search LDAP user in my site with no problem. So I believe that my site web.config is alright. The only thing left is the STS.But I am not sure what could be wrong , because membership and role part are just simple copied and pasted from my site web.config.

  Here is the web.config for STS. Please Help. Thank you.

<?xml version="1.0" encoding
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend