From: Thien on
I want to register



Kranthi Remala wrote:

How to configure security under this scenario.
24-Feb-09

HI Daniel / Steven,

It was worthwhile reading through the thread yet it does not solve my problem which is very similar but with the "Security" ON!!..
Security is very essential for the service that I am hosting else I could have used BasicHttpBinding as well to configure the client and then apply the SSL manually. But we have gone fir wsHttpBinding as it implicitly support the WS-Security protocol stack.

But, I'm facing the same authentication issue when I'm consuming the wcf service in windows service.

Any help would be greatly apprieciated as I need i urgently.

Regards,
Kranthi

Previous Posts In This Thread:

On Thursday, February 21, 2008 8:18 PM
daniel.she wrote:

Error consuming WCF service in Windows Service
Hi,

I have a windows service that consumes a WCF service. It works well when I
run this service under my AD account, which is in the admin group of the os.
But if I run it under the defaul Local System account, it reports error like
the following:
---The socket connection was aborted. This could be caused by an error
processing your message or a receive timeout being exceeded by the remote
host, or an underlying network resource issue. Local socket timeout was
'00:10:00'.

Server stack trace:
at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)
at System.ServiceModel.Channels.SocketConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout)
at System.ServiceModel.Channels.DelegatingConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout)
at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer,
Int32 offset, Int32 count, TimeSpan timeout)
at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer,
Int32 offset, Int32 count)
at System.Net.Security.NegotiateStream.Read(Byte[] buffer, Int32 offset,
Int32 count)
at System.ServiceModel.Channels.StreamConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout)
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper)
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection
connection, TimeoutHelper& timeoutHelper)
at
System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at
System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan
timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan
timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action,
Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs,
TimeSpan timeout)
at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message)

Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)
--
I can't figure why it doesn't work in the defaul account, is there any
security issue?

Thanks.

Daniel

On Friday, February 22, 2008 3:45 AM
stchen wrote:

Hi Daniel,From your description, you're encountering some problem when try
Hi Daniel,

From your description, you're encountering some problem when try consuming
a WCF service in a windows service application. Also, the problem occurs
when you use LOCAL SYSTEM to run the windows service(work well if use a
domain account), correct?

From a general view, the problem does be likely due to
security/authentication related issue. Would you provide some further
information about your WCF service such as whether it has used transport
security or message layer security and whether it use windows
authentication and require a client identity when accessing it? Since
LOCAL SYSTEM is a local account, when you accessing the remote service and
the service require a valid windows identity, it may not recognize the
LOCAL SYSTEM identity of your client machine(where the windows service
runs).

Also, for test, you can try a simple WCF service without
authentication/security to see whether it can be called correctly.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



--------------------

os.
like
buffer,
buffer,
offset,
(IConnection connection, ArraySegment`1 preamble, TimeoutHelper&
timeoutHelper)
tionPoolHelper.AcceptPooledConnection(IConnection
pan timeout)
pan timeout)
timeout)
timeout)
an
outs,
essage methodCall, ProxyOperationRuntime operation)
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage

On Friday, February 22, 2008 4:09 AM
daniel.she wrote:

Thanks, Steven.
Thanks, Steven. This is the security setting in the service:
<netTcpBinding>
<binding name="NewBinding0" closeTimeout="00:02:00"
openTimeout="00:02:00" receiveTimeout="00:30:00" sendTimeout="00:30:00"
maxConnections="100" maxReceivedMessageSize="655360000">
<security>
<transport protectionLevel="None" />
</security>
</binding>
</netTcpBinding>
I don't really need the message be protected, security isn't an issue yet,
so if there is anyway to get the Local System calling the service, security
could be sacrificed.

Daniel


""Steven Cheng"" wrote:

On Sunday, February 24, 2008 10:09 PM
stchen wrote:

Hi Daniel,Thanks for your reply.
Hi Daniel,

Thanks for your reply.

Yes, the security related setting of WCF service endpoing is in the binding
configuration area. However, I noticed that you only set the
"protectionLevel" of the netTcpBinding to "none", this means that there is
no encryption and integrity protect for the transferred messages and
authentication will still exists. I think you can try the following
setting to completely turn off the security(for test purpose):

=======================
<bindings>
<netTcpBinding>
<binding name="netTcpBindingConfig" >
<security mode="None" >
<transport protectionLevel="None"/>
</security>

</binding>
</netTcpBinding>

</bindings>
========================

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
<sAcF#8SdIHA.6844(a)TK2MSFTNGHUB02.phx.gbl>

security
consuming
and
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
issues
follow
the
situations
best
contacting
rights.
when I
the
remote
timeout)
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&

On Sunday, February 24, 2008 11:21 PM
daniel.she wrote:

It works. Thanks a lot, Steven!Daniel
It works. Thanks a lot, Steven!

Daniel

On Monday, February 25, 2008 12:51 AM
stchen wrote:

Thanks for your quick reply Daniel,Well, that tells us the problem does be the
Thanks for your quick reply Daniel,

Well, that tells us the problem does be the security context(and the WCF
authentication). Though you may work with security turned off, I still
suggest you have a look at the WCF stuffs and apply some basic security
features so as to make your service secured(also useful for future
cases...):

http://msdn2.microsoft.com/en-us/library/ms735093.aspx

http://msdn2.microsoft.com/en-us/library/ms731925.aspx

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
<sAcF#8SdIHA.6844(a)TK2MSFTNGHUB02.phx.gbl>
<4620876A-8546-46F2-80C7-B258A8463AE1(a)microsoft.com>
<WGtviv1dIHA.360(a)TK2MSFTNGHUB02.phx.gbl>

On Tuesday, February 24, 2009 4:50 AM
Kranthi Remala wrote:

How to configure security under this scenario.
HI Daniel / Steven,

It was worthwhile reading through the thread yet it does not solve my problem which is very similar but with the "Security" ON!!..
Security is very essential for the service that I am hosting else I could have used BasicHttpBinding as well to configure the client and then apply the SSL manually. But we have gone fir wsHttpBinding as it implicitly support the WS-Security protocol stack.

But, I'm facing the same authentication issue when I'm consuming the wcf service in windows service.

Any help would be greatly apprieciated as I need i urgently.

Regards,
Kranthi


Submitted via EggHeadCafe - Software Developer Portal of Choice
Free Online Courses Available for Eggheadcafe.com Users
http://www.eggheadcafe.com/tutorials/aspnet/5261083e-6e03-4b25-8728-fc3cf6855293/free-online-courses-avail.aspx
 | 
Pages: 1
Prev: .NET 4.0 and MMC snap-ins
Next: Please help me !