I have created a WCF authentication service and all works well. When I am trying to implement SSL encryption to the communication, I get the following error:
There was no channel actively listening at https://myDomain/WebSite/MyAuthenticationSvcWrap.svc. This is often caused by an incorrect address URI. Ensure that the address to which the message is sent matches an address on which a service is listening.
The web.config of the http service host:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<services>
<service behaviorConfiguration="AppServiceBehaviors" name="WebSite.System.Web.ApplicationServices.AuthenticationService">
<endpoint binding="basicHttpBinding" bindingConfiguration="Binding1" bindingNamespace="http://asp.net/ApplicationServices/v200" contract="WebSite.System.Web.ApplicationServices.AuthenticationService" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="Binding1" >
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="AppServiceBehaviors">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
and client app.config:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_AuthenticationService">
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://mydomain/WebSite/MyAuthenticationSvcWrap.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_AuthenticationService"
contract="AuthenticationService" name="BasicHttpBinding_AuthenticationService" />
</client>
</system.serviceModel>
The https service host:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<services>
<service behaviorConfiguration="AppServiceBehaviors" name="WebSite.System.Web.ApplicationServices.AuthenticationService">
<endpoint binding="basicHttpBinding" bindingConfiguration="Binding1" bindingNamespace="http://asp.net/ApplicationServices/v200" contract="WebSite.System.Web.ApplicationServices.AuthenticationService" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="Binding1" >
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="AppServiceBehaviors">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
and app.config of client:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_AuthenticationService">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://mydomain/WebSite/MyAuthenticationSvcWrap.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_AuthenticationService"
contract="AuthenticationService" name="BasicHttpBinding_AuthenticationService" />
</client>
</system.serviceModel>
Actually I have changed the mode attribute of the element to Transport in the basicHttpBinding of both files and also changed the client endpoint address from http to https. I must also note here that by hitting https://mydomain/WebSite/MyAuthenticationSvcWrap.svc in a browser finds the page and gets a response.
Can anybody suggest why this behaviour might be happening?
Thanks alot
I finally managed to resolve the issue, although the answer doesn't make things any better for me, clarity-wise.
The solution was to tick "Require SSL" at SSL Settings in IIS. It doesn't make any sense because the way I perceive it, if Require SSL is not ticked, means that an SSL request can still be handled the same way.
Furthermore, the error messages continued, although this time were easier to resolve. It proved out that if the Security mode was set to 'Transport', I had to omit the Assembly name from the name attribute of the element. In other words, it had to be exactly the same with the service name declared in the .svc file. In my case System.Web.ApplicationServices.AuthenticationService, while WebSite.System.Web.ApplicationServices.AuthenticationService was giving an error. The contract attribute had to be changed accordingly.
What surprises me though is not why this happened but why this did not happen when the mode attribute was set to 'Nothing'. Although my application now works the way I want, I would still like to gain insight to the previous issues for the shake of gaining a better understanding. If anyone can help any further, I would be grateful.
Thanks alot.
I am facing an strange issue on our production server that is
An error occurred while receiving the HTTP response to http://end-http://xxxxx/Main.svc. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details.
Website and WCF service are deployed on same server and its perfectly working fine on our QA environment but same code & binding settings are not working on production server.
We have below binding settings on WCF service
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding closeTimeout="00:05:00" openTimeout="00:05:00" sendTimeout="00:05:00" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
WCF Client
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IMain" maxBufferSize="2147483647" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://abc/DataService/Main.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IMain" contract="DALService.IMain"
name="BasicHttpBinding_IMain" />
</client>
</system.serviceModel>
Could someone help one me on this to sort out this issue?
Many Thanks
Micky
Finally , I have managed to fix it & fix is to add below setting in WCF server config.
<serviceBehaviors>
<behavior>
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
</behavior>
</serviceBehaviors>
I am trying to pass a BMP file as a parameter in a WCF Service. I'mm getting an error when the size of the BMP file is 350kb. When I pass a small file of 10-20 kb it runs perfectly.
The remote server returned an unexpected response: (413) Request Entity Too Large.
[OperationContract]
byte[] ConvertData(Bitmap bmp);
I have tried to solve the issue with changing IIS setting following this link: http://blogs.msdn.com/b/jiruss/archive/2007/04/13/http-413-request-entity-too-large-can-t-upload-large-files-using-iis6.aspx but no luck
My Server web.config is
<system.web>
<compilation debug="true" targetFramework="4.0" />
<httpRuntime executionTimeout="240000"/>
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="BasicHttpBinding_IService1" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" hostNameComparisonMode="StrongWildcard" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="2147483647"/>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="ReDrawImgService.Service1">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="" contract="ReDrawImgService.IService1"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
My Client Web.Config is
<system.web>
<compilation debug="true" targetFramework="4.0" />
<httpRuntime executionTimeout="240000"/>
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="BasicHttpBinding_IService1" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" hostNameComparisonMode="StrongWildcard" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="2147483647"/>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="ReDrawImgService.Service1">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="" contract="ReDrawImgService.IService1"/>
</service>
</services>
<client>
<endpoint address="http://localhost:8012/Service1.svc" binding="wsHttpBinding"
bindingConfiguration="BasicHttpBinding_IService1" contract="ServiceClient.IService1"
name="BasicHttpBinding_IService1" />
</client>
</system.serviceModel>
On your readerQuotas, try to set maxStringContentLength to 2147483647 as well, and make sure this config is set on both ends.
So both the server and the client need to have these values. It's no help if the client is allowed to send a large file, if the server will reject it anyway.
What is the value of maxArrayLength on the wcf server application
I'm having trouble finding an answer for this problem. Most similar posts lean seem to be fixed by adjusting some of the maximum size settings in the web.config file. However, none of those suggestions have fixed my issue.
To give a little more background, I'm porting a asmx web service, to a WCF web service hosted in Windows Azure. This problem came up during testing. If I pass a small number of transactions to my webservice in a single call, it tends to work just fine. This error come up though when my transaction size gets around 50-60 (transactions). Serialized to xml, the file size is around 300K, so it's nothing insanely large. But it does tend to lean towards a size issue.
Also, turning on WCF tracing, I found the following exception occuring:
System.ServiceModel.ProtocolException: The maximum message size quota for incoming messages (65536) has been exceeded. To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element.
at System.ServiceModel.Channels.HttpInput.ThrowHttpProtocolException(String message, HttpStatusCode statusCode, String statusDescription)
at System.ServiceModel.Channels.HttpInput.ThrowMaxReceivedMessageSizeExceeded()
at System.ServiceModel.Channels.HttpInput.ReadBufferedMessage(Stream inputStream)
at System.ServiceModel.Channels.HttpInput.ParseIncomingMessage(Exception& requestException)
at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
So from the exception, it looks as though one of the settings if off in my web.config, but here is what that looks like:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
<behavior name="MetadataEnabled">
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceMetadata httpGetEnabled="true"/>
<useRequestHeadersForMetadataAddress>
<defaultPorts>
<add scheme="http" port="8081"/>
<add scheme="https" port="444"/>
</defaultPorts>
</useRequestHeadersForMetadataAddress>
<dataContractSerializer maxItemsInObjectGraph="111024000"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="Bandicoot.Core" behaviorConfiguration="MetadataEnabled">
<endpoint name="HttpEndpoint"
address=""
binding="wsHttpBinding"
bindingConfiguration="wsHttp"
contract="Bandicoot.CORE.IRepricer" />
<endpoint name="HttpMetadata"
address="contract"
binding="mexHttpBinding"
bindingConfiguration="mexBinding"
contract="Bandicoot.CORE.Stack" />
<host>
<baseAddresses>
<add baseAddress="http://localhost/Core"/>
</baseAddresses>
</host>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="wsHttp" maxReceivedMessageSize="111024000"
messageEncoding="Text" maxBufferPoolSize="111024000"
textEncoding="UTF-8">
<readerQuotas maxBytesPerRead="111024000"
maxArrayLength="111024000"
maxStringContentLength="111024000"/>
<security mode="None"/>
</binding>
</wsHttpBinding>
<mexHttpBinding>
<binding name="mexBinding"/>
</mexHttpBinding>
</bindings>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
Does anyone have any other suggestions, or is there something mis-configured in my web.config that I'm just not seeing?
Thanks for any advice!
Edit: Here is the settings from my client's app.config
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_CORE" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="14194304" maxBufferPoolSize="14194304" maxReceivedMessageSize="14194304"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="1000" maxStringContentLength="111024000"
maxArrayLength="111024000" maxBytesPerRead="1024000" maxNameTableCharCount="111024000" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
Edit: adding addition client information:
<client>
<endpoint address="http://localhost:92/CORE.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_CORE" contract="Core.CORE"
name="BasicHttpBinding_CORE" />
</client>
Edit: Attempted changing the service bindings to basicHttpBinding - config changes:
<basicHttpBinding>
<binding name="basicHttp" maxReceivedMessageSize="111024000"
messageEncoding="Text" maxBufferPoolSize="111024000"
textEncoding="UTF-8">
<readerQuotas maxArrayLength="111024000" maxBytesPerRead="111024000" maxStringContentLength="111024000"/>
<security mode="None" />
</binding>
</basicHttpBinding>
<service name="Bandicoot.Core" behaviorConfiguration="MetadataEnabled">
<endpoint binding="basicHttpBinding"
bindingConfiguration="basicHttp"
contract="Bandicoot.CORE.IRepricer" />
<endpoint address="mex"
binding="mexHttpBinding"
bindingConfiguration="mexBinding"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost/Core"/>
</baseAddresses>
</host>
</service>
And the client's app.config as well for reference:
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_CORE" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="100000000"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:92/CORE.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_CORE" contract="Core.CORE"
name="BasicHttpBinding_CORE" />
</client>
You need to be setting the maxReceivedMessageSize on the client (where the message you're returning from your service is incoming) - in its app.config or web.config:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttp" maxReceivedMessageSize="111024000"
messageEncoding="Text" maxBufferPoolSize="111024000"
textEncoding="UTF-8">
<readerQuotas maxBytesPerRead="111024000"
maxArrayLength="111024000"
maxStringContentLength="111024000"/>
<security mode="None"/>
</binding>
</wsHttpBinding>
<mexHttpBinding>
<binding name="mexBinding"/>
</mexHttpBinding>
</bindings>
<client name="whatever">
<endpoint name="HttpEndpoint"
address=""
binding="wsHttpBinding"
bindingConfiguration="wsHttp"
contract="Bandicoot.CORE.IRepricer" />
</client>
</system.serviceModel>
The default value for maxReceivedMessageSize is 64K, unless you change it.
I finally figured this one out this morning. The problem was that my service was not using the configuration settings that I thought it was. The reason? The service name in the configuration needs to be a fully qualified path to the service being implemented.
I found this link helpful figuring it out.
I found it a little odd that my service worked without pointing it to an actual endpoint, I guess it just uses a series of default values and if you want something different you can configure them in the web.config? I think this explains why I was getting a basicHttpBinding when I consumed the webservice in my client, instead of wsHttpBinding.
Took a few days to figure it out, but was educational. Thanks for the suggestions!
I had the same error and the cause was revealed to be a configuration error, too.
But in my case this was, like marc_s already posted, the maxReceivedMessageSize setting on the server side. The server was still using its default configuration, which was as low as 64 kb.
As obvious as this now sounds, that long it took me to find out that the error was not on my (client) side.
I hope that this may help someone else.
Hi Question Poster "Brosto"!
This supplements your Nov 17 '10 at 15:29 answer.
We had a “fun”, or should I say “educational” Production Deployment Testing issue today that took most of the day to resolve, and it was literally caused by one keystroke. We only confirmed the source of the problem, after we found out the problem disappeared after the Web Farm was fully deployed.
Here was the cause. When we test our Production Deployment, and do so against a “Single Server” by changing our hosts file, we are bypassing the Load Balancer, and the call to the Single Server ends up going over the default http port 80! When we test against the “Load Balancer”, the call to the Single Server from the Load Balancer, ends up going over the Load Balancer defined port 81!
Since the Service Endpoint Address must be “fully qualified”, to enable the service to find its Custom Bindings, the Services.config file on the Single Server must be changed to reflect the difference between “Single Server” vs “Load Balanced Server” endpoint connections, as follows:
Single Server connection:
endpoint address="http://www.myserver.com:80/Services/MyService.svc"
Load Balanced Server connection:
endpoint address="http://www.myserver.com:81/Services/MyService.svc"
My boss correctly diagnosed the core problem early, saying that the server was acting like the custom bindings were being ignored and the defaults were being used instead. After showing him your comment above where you mention the requirement of “fully qualified” service endpoint address, he realized that the host file redirection was causing our browser request to go to the Single Server over default port 80, instead of the Load Balanced port 81, which in effect altered the fully qualified service endpoint address, which caused the server to ignore the custom bindings and revert to default settings. Please note that it did NOT fail to call the service, it only failed to bind the custom bindings!
Hopefully someone will remember this posting the next time we Production Test a Service with custom bindings :)
I have a WCF service using the basicHTTP binding. The service will be targeted to be deployed
in production in a DMZ environment on a Windows Server 2008 64 bit running IIS 7.0 and is not
in an Active Directory domain.
The service will be accessed by a business partner over the Internet with SSL protection. Originally,
I had built the service to use x.509 Message authentication with wsHTTPBinding and after a lot of
problems I punted and decided to back up and use basicHTTP with UserName authentication.
Result: same exact, obscure error message as I received with certificate mode.
The service works perfectly inside our domain with the exact same authentication but as soon as
I move it to the DMZ I get an error reading: "An unsecured or incorrectly secured fault was received
from the other party. See the inner FaultException for the fault code and detail".
The inner exception message is: "An error occurred when verifying security for the message."
The services' web config with binding configuration is as follows:
<services>
<service behaviorConfiguration="HSSanoviaFacade.Service1Behavior" name="HSSanoviaFacade.HSSanoviaFacade">
<endpoint address="" binding="basicHttpBinding" contract="HSSanoviaFacade.IHSSanoviaFacade" bindingConfiguration="basicHttp">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="https://FULLY QUALIFIED HOST NAME CHANGED TO PROTECT/>
</baseAddresses>
</host>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="basicHttp">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="HSSanoviaFacade.Service1Behavior">
<serviceMetadata httpsGetEnabled="True" />
<serviceDebug includeExceptionDetailInFaults="True" />
</behavior>
</serviceBehaviors>
</behaviors>
The test client's configuration that gets the error:
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IHSSanoviaFacade" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://HOST NAME CHANGED TO PROTECT"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IHSSanoviaFacade"
contract="MembersService.IHSSanoviaFacade" name="BasicHttpBinding_IHSSanoviaFacade" />
</client>
As mentioned earlier, the service works perfectly on the domain and the production IIS box is not on a domain.
I have been tweaking and pulling my hair out for 2 weeks now and nothing seems to work. If anyone can help I
would appreciate it. Even a recommendation for a work around for authentication. I'd rather not use a custom
authentication scheme but use built-in SOAP capabilities.
The credentials pass in thru the proxy i.e. proxy.ClientCredentials.UserName.UserName and
proxy.ClientCredentials.UserName.Password are valid accounts on both the internal domain in the test
environment and as a machine account on the DMZ IIS box.
Well, maybe not exactly what I wanted but I got it to work. Must be a difference in IIS in a domain versus not.
Here are my changes to the service web config:
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
As I understand it, this doesn't pass the credentials in the SOAP header but in the HTTP header which means message level security doesn't work in this scenario. Its all protected by an SSL certificate.