.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

wcf https security

Posted By:      Posted Date: October 02, 2010    Points: 0   Category :ASP.Net


im using wcf how can i make sure to my service file from client side.

my web service file (service.svc)  should not acceable on client side....on https security(ssl)

View Complete Post

More Related Resource Links

asp:Menu submenu hover/expansion + HTTPS = Security Information Popup

Hello,I have a an asp:Menu with a datasource and the page is being accessed by https. If I hover over one of the menu items that has a subitem I get this popup.Here is my code,//asp <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Test.aspx.cs" Inherits="UI_Common_Test" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title></title> </head> <body> <form id="form1" runat="server"> <div> <asp:Menu ID="Menu1" runat="server" DataSourceID="dsSiteMap" Orientation="Vertical" StaticDisplayLevels="2"> <DataBindings> <asp:MenuItemBinding DataMember="SiteMapNode" TextField="Title" /> </DataBindings> </asp:Menu> <asp:SiteMapDataSource ID="dsSiteMap" runat="server" SiteMapProvider="Public" /> </div> </form> </body> </html> //cs using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI;

Security exception on Merge Replication over HTTPS,

Hi, I've setup SQL 2005 Merge replication over HTTPS for few remote machines. Most of them are working great but this particular machine is causing me a lot of problem. Here's message details from SQL agent job. Message 2010-08-04 15:57:00.999 The system cannot find the file specified. 2010-08-04 15:57:01.015 Category:NULL Source:  Merge Process Number:  -2147221502 Message: The system cannot find the file specified. 2010-08-04 15:57:01.031 Category:NULL Source:  Merge Process Number:  -2147199373 Message: The Merge Agent failed to connect to the Internet proxy server for user 'UserName' during Web synchronization. Ensure that the proxy server settings are correctly configured in Internet Explorer, or specify the -InternetProxyServer parameter when starting the Merge Agent. 2010-08-04 15:57:01.031 Category:NULL Source:  Merge Process(Web Sync Client) Number:  -2147010889 Message: The Merge Agent could not connect to the URL 'https://serveraddress/replisapi.dll' during Web synchronization. Please verify that the URL, Internet login credentials and proxy server settings are correct and that the Web server is reachable.   Machine is directly connected to the internet, doens't use proxy server so it's not proxy issue. Any checkboxes in IE connection setting are all unchecked. I searched web, some people resolved this issue by instal

WCF client WS-Security Username + X.509 + https

Hi all, I need help to build a wcf client. The client has to send a ws-security message wiht BinarySecurityToken tag and UsernameToken tag. The transport is https. The UserNameToken is composed only by the Username field without the Password. I have set in configuration file the security mode="TransportWithMessageCredential" but  I cannot set in the <message clientCredentialType="">  "Username" and "Certificate" both active at the same time. I have to send in the soap header two Reference with two digest, one for the body, one for the UsernameToken. Can someone  help me ? By and Thanks

Silverlight and WCF 'simple question' (right), involving https vs transport security


Two questions:  I’m familiar with WCF and using it with Silverlight, https:, and I have a remote web server that I have a SSL / TLS certificate on.


I want to encrypt login and/or data to and from the web server.  Already I can do this on localhost, using this video:  http://www.silverlight.net/learn/videos/silverlight-videos/using-aspnet-secure-services-and-applications-services/

    (“In this video, Tim Heuer demonstrates two important features of Silverlight and ASP.NET, using secure web services and using ASP.NET application services from within Silverlight. This demonstration walks through securing services and interacting with the ASP.NET authentication services to restrict use as well as directly interact with ASP.NET application services from within a Silverlight application.”)

 Also I have reviewed this video on localhost:


How to bypass https:// security warning.


I have website which is https://secure  and it has a contect from http://nonsecure (youtube videos)

I get Security Warning in Internet explorer which I try to access youtube videos, is there any where I can bypass that warning programmatically,

Please let me know or any other alternatives.

thank u


SharePoint Tutorial - Security

Security in SharePoint is comprised of users, groups and roles.

Users, Groups and Roles

A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Asp.net web site security database


Hello all, I'm new to asp.net and I'm currently practising some few stuffs. I'm creating a hotel reservation system using ASP.net Web site in visual studio 2008 and I currently don't have an App_Data in my solution explorer unlike visual web developer.

1. I have planned to make users of the website login before making their reservations.

2. I have also planned to develop the website such that I will be able to know all reservations made by each user.

First and formost, I will like to know how I can access/View the security database?

Secondly, how do I link my custom made reservation database and the security database in order to achieve my second plan above.?

Someone help me.

Thank you.



hello i have the following problem

i have upload my content to hosting server but i get the following error

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of typ

System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPerm


Good Day all,

Having an issue with an outside user accessing my IIS7 box. I do not have this problem when running the website from my host machine. I found this post: Http://forums.asp.net/t/1371394.aspx. I assure you that this is not a solution because I am not storing any of my files on a network share. 

What do you think my approach should be. 

I already have read rights to IIS user to my BIN folder. 

Thanks for the help. 

XBAP Security


We have a small XBAP file upload app that we are having trouble deploying. We were getting security errors when we were pushing this application that we don't get when running in our development environments on our machines. We gave the XBAP app full permissions and still got errors. Then we created a personal certificate and were able to get this to work. But that means we have to load a client side certificate for each and every machine that wants to run this which is ridiculous. Does anyone have a solution for this?

Intranet Users Challenged When Using Windows Integrated Security


We've setup an intranet site using Windows Integrated Security. Its up and running and users can access it. However, they are being challenged with a login dialog for the server when they initially access the site.

Isn't is possible to configure the server so that the users aren't challenged AND are recognized as being already authenticated by Windows? We're trying to go with a seamless experience, whereby all they have to do is login to their machine like normal and then go from there.

Security Question Answer Retrieval


I know there is a method built in for retrieving the encrypted password, but how do I retrieve the encrypted security answer?

What I want to do is have a member profile update screen that the end user can update their password and security question and answer. However, when they get to this page, I want to already be showing the security question (the easy part) and its answer (the not so easy part).

I have updated web.config with passwordFormat=Encrypted and have added a machineKey with the generator (forgot the link, but located on eggheadcafe somewhere).

I haven't done ANYTHING yet, since I already have a user store with hashed information. I wanted to get some functionality done before publishing, wiping the store and recreating users (only a couple developers).


Automatically redirect to HTTPS and check if SSL is active



I've set in the web.config:

    <!-- User Authentication -->
    <authentication mode="Forms">
      <forms loginUrl="~/Page/View/Content/Login.aspx" timeout="2880" requireSSL="true" />

This works fine. If there is no ssl connection, the login form doesn't continue. But I would like to check if ssl is active (in codebehind) and, if it's possible, to automatically the user to the https page if he's currently on http. (I could do this job by manually redirect with page.response("https://url.../login.aspx"); but this is not really generic. For example if the webapp is moved to another domain it doesn't work anymore... I'm looking for something like: FormsAuthentication.RedirectWithSSL(); or so... :D)


WCF The Security Support Provider Interface (SSPI) negotiation failed


I am using a wcf service that I created, when both hosting machine and the client machine are on the same domain everything works just fine. When I publish the client app to the webserver in the DMZ I am getting the following error:

SOAP security negotiation with '' for   
'' failed. See inner exception  
for more details.The Security Support Provider Interface (SSPI) negotiation failed.

Here is my service main where I set up the service


 Uri baseAddress = new Uri("Http://");
      ServiceHost selfHost = new ServiceHost(typeof(QBService), baseAddress);


Security negotiation failed because the remote party did not send back a reply in a timely manner. T



Dear All i have created one simple service

like this

namespace WcfService2
        public class Service1 : IService1
        public string ShowEmpName(string strFirstName, string strLastName)
            return strFirstName + strLastName;

after executing in .net command promt i got 2 files

service.cs & output.config

after that i create one class file like this

namespace WcfService2
    public class clientcs

        static void Main(string[] args)
            Service1Client client = new Service1Client();
            string strResult = client.ShowEmpName("Pradeep", "Deokar");

SharePoint Security: Trim SharePoint Search Results for Better Security


SharePoint search may return too much information, causing data security problems. Learn how to use the custom security trimmer to ensure users see only the documents they have permission to view.

Ashley Elenjickal, Pooja Harjani

MSDN Magazine July 2010

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend