0

I have built A webservice in WCF on a Server PC. I have made an https endpoint and configured some local certificates. Now on the network I am trying to create a C# console client to test the service. But i receive this error: Unhandled Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultE xception: The request for security token could not be satisfied because authenti cation failed.(and more)..

Here the code of the endpoint on which i want to connect to:

http://pastebin.com/GGe6YaTb

And this will be my client:

    <bindings>
        <wsHttpBinding>
            <binding name="WebDataServiceHttpBinding" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
                maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
                allowCookies="false">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <reliableSession ordered="true" inactivityTimeout="00:10:00"
                    enabled="false" />
                <security mode="TransportWithMessageCredential">
                    <transport clientCredentialType="None" proxyCredentialType="None"
                        realm="" />
                    <message clientCredentialType="Windows" negotiateServiceCredential="true" />
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client>
        <endpoint address="https://anlocalip:9651/WebDataService" binding="wsHttpBinding"
            bindingConfiguration="WebDataServiceHttpBinding" contract="wcf1.IWebDataService"
            name="WebDataServiceHttpBinding">
            <identity>
                <dns value="localhost" />
            </identity>
        </endpoint>
    </client>
</system.serviceModel>

I can't get out of this error, can someone help me???

user1350954
  • 35
  • 5

2 Answers2

0

You might need to install/import the certificate in the client's unit.

How can I install a certificate into the local machine store programmatically using c#?
stackoverflow.com

I have a certificate generated via MakeCert. I want to use this certificate for WCF message security using PeerTrust. How can I programmatically install the certificate into the "trusted people" local machine certificate store using c# or .NET?


Install certificates in to the Windows Local user certificate store in C#
stackoverflow.com

I'm writing a windows service that needs several certificates in the certificate store in order to connect to a third party web service...


Or to secure the service with a certificate.

How to: Secure a Service with an X.509 Certificate
msdn.microsoft.com

Securing a service with an X.509 certificate is a basic technique that most bindings in Windows Communication Foundation (WCF) use. This topic walks through the steps of configuring a self-hosted service with an X.509 certificate.

Community
  • 1
  • 1
John Isaiah Carmona
  • 5,260
  • 10
  • 45
  • 79
0

Try setting impersonation level before opening your proxy:

serviceProxy.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
serviceProxy.Open();
Maciej
  • 7,871
  • 1
  • 31
  • 36
  • doesnt work, on the client config i have changed to and then i get this error..:Unhandled Exception:System.ServiceModel.FaultException : The message could not be processed. This is most likely the action 'http://mynamespace/Login is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from... etc. – user1350954 Apr 23 '12 at 10:31
  • According to documentation, HttpClientCredentialType is ignored in TransportWithMessageCredential mode. Try to have something simpler working first, like Transport security with ClientCredentialType="Basic" – Maciej Apr 23 '12 at 12:06
  • wcf the username is not provided. specify username in clientcredentials – user1350954 Apr 23 '12 at 12:17
  • Of course you have to provide user and pass via `serviceProxy.ClientCredentials.UserName` before opening proxy and implement custom `UserNamePasswordValidator` in your service behavior. – Maciej Apr 23 '12 at 16:45
  • Do you insist on using Windows credential type? Otherwise I can show you how to authenticate using User/Pass. – Maciej Apr 23 '12 at 16:48
  • Maciej how do i do that i only have the xml config files of the wcf service – user1350954 Apr 24 '12 at 06:57
  • @user1350954 You have to be able to change your code to solve this. Configuration alone is not enough. – Maciej Apr 24 '12 at 14:56