StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POHTTP WCF Service via HTTPS
text
Body
copied!<p>I have a C# Web Application project that is secured using Forms Authentication. Managing the Authorization of various pages using the default Role Manager is working well. </p> <p>I've recently added a number of WCF (*.svc) services to the project which I call using Javascript from the browser using ASP.NET AJAX (adding a ScriptManager referencing the service). This all works fine using HTTP.</p> <p>I have now added a HTTPS binding to IIS with a certificate and am attempting to use the application via HTTPS; however the pages that reference the service throw up a '401 Unauthorized' error when they try and load the js proxy class (service.svc/jsdebug). From what I've gathered I need to change the configuration in my web.config file to make it work, but I can't find any settings that will get it working. I need it to be accessible via HTTP protocol (enableWebScript), but via HTTPS. It also needs to use the identity of the currently authenticated Forms user. </p> <p>Any general advice on configuring the endpoints in web.config would also be appreciated - or a pointer to a good tutorial. Thanks</p> <p><strong>Here is the services section of my web.config file at present</strong></p> <pre><code> <system.serviceModel> <bindings> <wsHttpBinding> <binding name="WsHttpBindingConfig"> <security mode="Transport"> <transport clientCredentialType="None" /> <message clientCredentialType="UserName"/> </security> </binding> </wsHttpBinding> <webHttpBinding> <binding name="webHttp"> <security mode="None"> </security> </binding> <binding name="default"/> </webHttpBinding> </bindings> <behaviors> <endpointBehaviors> <behavior name="webScriptEnablingBehavior"> <enableWebScript/> </behavior> <behavior name="scorelink.groups.Risk"> <enableWebScript /> </behavior> <behavior name="scorelink.tests.Benchmarks"> <enableWebScript /> </behavior> <behavior name="default"> </behavior> </endpointBehaviors> <serviceBehaviors> <behavior name="DefaultBehaviours"> <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="true" /> <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="SqlProvider"/> </serviceCredentials> <serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="SqlProvider" /> </behavior> <behavior name=""> <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" /> <services> <service name="scorelink.groups.Risk"> <endpoint address="" behaviorConfiguration="scorelink.groups.Risk" binding="webHttpBinding" contract="scorelink.groups.Risk" /> </service> <service name="scorelink.tests.Benchmarks" behaviorConfiguration="DefaultBehaviours"> <endpoint address="" behaviorConfiguration="scorelink.tests.Benchmarks" binding="webHttpBinding" contract="scorelink.tests.Benchmarks" /> </service> <service name="scorelink.services.user" behaviorConfiguration="DefaultBehaviours"> <endpoint address="" binding="wsHttpBinding" behaviorConfiguration="default" bindingConfiguration="WsHttpBindingConfig" contract="scorelink.services.Iuser" /> <endpoint address="http" binding="webHttpBinding" behaviorConfiguration="webScriptEnablingBehavior" bindingConfiguration="webHttp" contract="scorelink.services.Iuser" /> </service> </services> </system.serviceModel> </code></pre> <p>It might be a bit confusing since I've tried so very many things. I am only focusing on <code>user.svc</code> at the moment, but once it's working I'll apply the configuration to all the services.</p> <p><strong>EDIT</strong></p> <p>I updated my config to one suggested but now get the following error:</p> <pre><code>The endpoint at 'https://localhost:44300/_assets/code/services/user.svc' does not have a Binding with the None MessageVersion. System.ServiceModel.Description.WebScriptEnablingBehavior' is only intended for use with WebHttpBinding or similar bindings. </code></pre> <p>I assume that this is because it is using an endpoint behaviour that specifies <code><enableWebScript /></code>. The problem is if I take that away then the service doesn't generate a javascript proxy class so I can't call it from js.</p> <p><strong>EDIT 2</strong> Here is a dump of the js proxy class that is generated by ASP.NET in response to the EnableWebScript flag. It is accessible from <code>http://uri/service.svc/jsdebug</code>:</p> <pre><code>Type.registerNamespace('scorelink.services'); scorelink.services.Iuser=function() { scorelink.services.Iuser.initializeBase(this); this._timeout = 0; this._userContext = null; this._succeeded = null; this._failed = null; } scorelink.services.Iuser.prototype={ _get_path:function() { var p = this.get_path(); if (p) return p; else return scorelink.services.Iuser._staticInstance.get_path();}, CreateUser:function(FirstName,LastName,Username,DateOfBirth,Roles,succeededCallback, failedCallback, userContext) { /// <param name="FirstName" type="String">System.String</param> /// <param name="LastName" type="String">System.String</param> /// <param name="Username" type="String">System.String</param> /// <param name="DateOfBirth" type="String">System.String</param> /// <param name="Roles" type="Array">System.String[]</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> return this._invoke(this._get_path(), 'CreateUser',false,{FirstName:FirstName,LastName:LastName,Username:Username,DateOfBirth:DateOfBirth,Roles:Roles},succeededCallback,failedCallback,userContext); }, UpdateUser:function(username,firstName,lastName,dateOfBirth,roles,succeededCallback, failedCallback, userContext) { /// <param name="username" type="String">System.String</param> /// <param name="firstName" type="String">System.String</param> /// <param name="lastName" type="String">System.String</param> /// <param name="dateOfBirth" type="String">System.String</param> /// <param name="roles" type="Array">System.String[]</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> return this._invoke(this._get_path(), 'UpdateUser',false,{username:username,firstName:firstName,lastName:lastName,dateOfBirth:dateOfBirth,roles:roles},succeededCallback,failedCallback,userContext); }, DeleteUser:function(Username,succeededCallback, failedCallback, userContext) { /// <param name="Username" type="String">System.String</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> return this._invoke(this._get_path(), 'DeleteUser',false,{Username:Username},succeededCallback,failedCallback,userContext); }, GetUserDetails:function(Username,succeededCallback, failedCallback, userContext) { /// <param name="Username" type="String">System.String</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> return this._invoke(this._get_path(), 'GetUserDetails',true,{Username:Username},succeededCallback,failedCallback,userContext); }, ChangePassword:function(oldPassword,newPassword,succeededCallback, failedCallback, userContext) { /// <param name="oldPassword" type="String">System.String</param> /// <param name="newPassword" type="String">System.String</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> return this._invoke(this._get_path(), 'ChangePassword',false,{oldPassword:oldPassword,newPassword:newPassword},succeededCallback,failedCallback,userContext); }, ChangeLockoutCode:function(password,symbol1,symbol2,succeededCallback, failedCallback, userContext) { /// <param name="password" type="String">System.String</param> /// <param name="symbol1" type="Number">System.Int32</param> /// <param name="symbol2" type="Number">System.Int32</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> return this._invoke(this._get_path(), 'ChangeLockoutCode',false,{password:password,symbol1:symbol1,symbol2:symbol2},succeededCallback,failedCallback,userContext); }} scorelink.services.Iuser.registerClass('scorelink.services.Iuser',Sys.Net.WebServiceProxy); scorelink.services.Iuser._staticInstance = new scorelink.services.Iuser(); scorelink.services.Iuser.set_path = function(value) { scorelink.services.Iuser._staticInstance.set_path(value); } scorelink.services.Iuser.get_path = function() { /// <value type="String" mayBeNull="true">The service url.</value> return scorelink.services.Iuser._staticInstance.get_path();} scorelink.services.Iuser.set_timeout = function(value) { scorelink.services.Iuser._staticInstance.set_timeout(value); } scorelink.services.Iuser.get_timeout = function() { /// <value type="Number">The service timeout.</value> return scorelink.services.Iuser._staticInstance.get_timeout(); } scorelink.services.Iuser.set_defaultUserContext = function(value) { scorelink.services.Iuser._staticInstance.set_defaultUserContext(value); } scorelink.services.Iuser.get_defaultUserContext = function() { /// <value mayBeNull="true">The service default user context.</value> return scorelink.services.Iuser._staticInstance.get_defaultUserContext(); } scorelink.services.Iuser.set_defaultSucceededCallback = function(value) { scorelink.services.Iuser._staticInstance.set_defaultSucceededCallback(value); } scorelink.services.Iuser.get_defaultSucceededCallback = function() { /// <value type="Function" mayBeNull="true">The service default succeeded callback.</value> return scorelink.services.Iuser._staticInstance.get_defaultSucceededCallback(); } scorelink.services.Iuser.set_defaultFailedCallback = function(value) { scorelink.services.Iuser._staticInstance.set_defaultFailedCallback(value); } scorelink.services.Iuser.get_defaultFailedCallback = function() { /// <value type="Function" mayBeNull="true">The service default failed callback.</value> return scorelink.services.Iuser._staticInstance.get_defaultFailedCallback(); } scorelink.services.Iuser.set_enableJsonp = function(value) { scorelink.services.Iuser._staticInstance.set_enableJsonp(value); } scorelink.services.Iuser.get_enableJsonp = function() { /// <value type="Boolean">Specifies whether the service supports JSONP for cross domain calling.</value> return scorelink.services.Iuser._staticInstance.get_enableJsonp(); } scorelink.services.Iuser.set_jsonpCallbackParameter = function(value) { scorelink.services.Iuser._staticInstance.set_jsonpCallbackParameter(value); } scorelink.services.Iuser.get_jsonpCallbackParameter = function() { /// <value type="String">Specifies the parameter name that contains the callback function name for a JSONP request.</value> return scorelink.services.Iuser._staticInstance.get_jsonpCallbackParameter(); } scorelink.services.Iuser.set_path("http://localhost:5584/_assets/code/services/user.svc"); scorelink.services.Iuser.CreateUser= function(FirstName,LastName,Username,DateOfBirth,Roles,onSuccess,onFailed,userContext) { /// <param name="FirstName" type="String">System.String</param> /// <param name="LastName" type="String">System.String</param> /// <param name="Username" type="String">System.String</param> /// <param name="DateOfBirth" type="String">System.String</param> /// <param name="Roles" type="Array">System.String[]</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> scorelink.services.Iuser._staticInstance.CreateUser(FirstName,LastName,Username,DateOfBirth,Roles,onSuccess,onFailed,userContext); } scorelink.services.Iuser.UpdateUser= function(username,firstName,lastName,dateOfBirth,roles,onSuccess,onFailed,userContext) { /// <param name="username" type="String">System.String</param> /// <param name="firstName" type="String">System.String</param> /// <param name="lastName" type="String">System.String</param> /// <param name="dateOfBirth" type="String">System.String</param> /// <param name="roles" type="Array">System.String[]</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> scorelink.services.Iuser._staticInstance.UpdateUser(username,firstName,lastName,dateOfBirth,roles,onSuccess,onFailed,userContext); } scorelink.services.Iuser.DeleteUser= function(Username,onSuccess,onFailed,userContext) { /// <param name="Username" type="String">System.String</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> scorelink.services.Iuser._staticInstance.DeleteUser(Username,onSuccess,onFailed,userContext); } scorelink.services.Iuser.GetUserDetails= function(Username,onSuccess,onFailed,userContext) { /// <param name="Username" type="String">System.String</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> scorelink.services.Iuser._staticInstance.GetUserDetails(Username,onSuccess,onFailed,userContext); } scorelink.services.Iuser.ChangePassword= function(oldPassword,newPassword,onSuccess,onFailed,userContext) { /// <param name="oldPassword" type="String">System.String</param> /// <param name="newPassword" type="String">System.String</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> scorelink.services.Iuser._staticInstance.ChangePassword(oldPassword,newPassword,onSuccess,onFailed,userContext); } scorelink.services.Iuser.ChangeLockoutCode= function(password,symbol1,symbol2,onSuccess,onFailed,userContext) { /// <param name="password" type="String">System.String</param> /// <param name="symbol1" type="Number">System.Int32</param> /// <param name="symbol2" type="Number">System.Int32</param> /// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param> /// <param name="userContext" optional="true" mayBeNull="true"></param> scorelink.services.Iuser._staticInstance.ChangeLockoutCode(password,symbol1,symbol2,onSuccess,onFailed,userContext); } var gtc = Sys.Net.WebServiceProxy._generateTypedConstructor; if (typeof(scorelink.services.UserDetails) === 'undefined') { scorelink.services.UserDetails=gtc("UserDetails:http://schemas.datacontract.org/2004/07/scorelink.services"); scorelink.services.UserDetails.registerClass('scorelink.services.UserDetails'); } </code></pre>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload