8

I've developd a WCF Service with a custom UserNamePasswordValidator with a basicHttpBinding using HTTPS. It works great with a .Net client, using ClientCredentials to send the username and password for authentication.

However, I need to call this from a Delphi XE client. How to I send the equivalent of .Net ClientCredentials using Delphi? Is that possible? If it is, how? If it is not, are there alternatives?

Tks

EDIT

Below is my client side code in .Net:

EndpointAddress oTransac = new EndpointAddress(GetAddress());
using (WebServiceClient oClient = new WebServiceClient ("httpbasic", oTransac))
{
  oClient.ClientCredentials.UserName.UserName = "username";
  oClient.ClientCredentials.UserName.Password = "password";
  oClient.DoStuff();
}

EDIT

I've been doing some research, and I've been able to do authentication between Delphi and old asmx web services using SOAP Hearders. I found the article below. Will I be able to achieve the same behavior of the old [WebMethod] [System.Web.Services.Protocols.SoapHeader("SoapHeader")] using the article's technique?

http://weblogs.asp.net/paolopia/archive/2008/02/25/handling-custom-soap-headers-via-wcf-behaviors.aspx

EDIT BOUNTY

The get marked as the correct answer of the bounty, I would like to be able to call the web service from Delphi using WCF Service UserNamePasswordValidator on the server side.

Pascal
  • 2,944
  • 7
  • 49
  • 78
  • you can send the credentials over the http headers right ? – Aravind May 23 '11 at 11:14
  • In Delphi, yes... but since it's over HTTPS, I can't read the SOAP Header in the message using Fiddler, so I don't know what to send. – Pascal May 23 '11 at 11:20
  • Do you know how to format the SOAP Header manually in .Net code? If you do, I might be able to convert it into Delphi. Any help is help! Tks – Pascal May 23 '11 at 11:22
  • Take a look at WCFextras http://wcfextras.codeplex.com/ and SoapHeader class. http://msdn.microsoft.com/en-us/library/system.web.services.protocols.soapheader%28v=VS.90%29.aspx – Aravind May 23 '11 at 11:28
  • Interesting. I would have to disable all the WCF default security configuration in web.config, like TransportWithMessageCredential and UserNamePasswordValidator, and do it manually, correct, via SOAP Header? – Pascal May 23 '11 at 11:37
  • I have not tried it extensively.I hope there is enough documentation there to help you. In one case i just created a flat wsdl so that a java client can consume wcf properly. – Aravind May 23 '11 at 11:50

2 Answers2

5

First, basicHttpBinding is over HTTP (not HTTPS)

http://msdn.microsoft.com/en-us/library/ms731361.aspx

To consume a WFC service from Delphi is usually done by producing a WSDL from the service

How to create a single WSDL file from existing WCF service?

http://social.msdn.microsoft.com/Forums/en/wcf/thread/fc2c5074-1116-4f92-a972-01bb3a142535

WCF: how to generate a single WSDL document, without WSDL:import?

and generating a Delphi proxy class by importing that WSDL into your Delphi project. 

>wsdlimport.exe service.wsdl

and then use the generated Delphi unit in your Delphi project

http://www.drbob42.com/examines/examinB9.htm

http://edn.embarcadero.com/article/36962

The parameters you send to service calls (username, password, ClientCredientials, etc) will be defined in the generated Delphi unit - should be no problem as long as you can connect to the service.

Community
  • 1
  • 1
Sam
  • 2,663
  • 10
  • 41
  • 60
  • Tks. I've done all that. I initially wanted to do the User/Password validation with WCF's default UserNamePasswordValidator, and web.config TransportWithMessageCredential, but I can't figure out how to send the username/password information over to WCF (in .net, done with ClientCredentials). I'm trying now to send it via SoapHeader, in WCF, since I've successfully called SOAP Header via Delphi. However, If that doesn't work, I'll send them over via parameters. – Pascal May 23 '11 at 13:52
  • basicHttpBinding doesn't support TransportWithMessageCredential http://msdn.microsoft.com/en-us/library/ms789011.aspx – Sam May 24 '11 at 05:40
  • Interesting, but I did get it working with Https, and sending username credentials with. Net clients on both ends of the wire. Sending username and password through method parameters is easy. Have you been able to do with SOAP header using WCF and Delphi? I've done it with the old asp.net web aervices. Tka – Pascal May 24 '11 at 13:09
  • Are you sure the .Net client was connecting with basicHttpBinding? Can you post your .config file for the service or show code that creates the 'httpbasic' endpoint? Yes, I have got a delphi client talking to a WCF service that exposes a basicHttpBinding endpoint, but the trick was creating a "flat wsdl" by using WCFExtras. – Sam May 25 '11 at 23:58
  • No I haven't got username and password sent in SOAP header. But I have a Delphi client talking to a WCF service. Which is your priority? – Sam May 26 '11 at 00:03
  • Sorry for taking so long. I have two Delphi XE Update Pack 1 client talking to a WCF service using basicHttpBinding without a problem, even without a flat wsdl. I worked without a problem. One of the client uses Transport security (HTTPS) and it works well. My problem is securing the message, since it's on the open internet. I used user/password on the method call, but I would really like to use a more elegant solution, such as SOAP header. I've done this on aspx on web services, but I haven't been able to do this in WCF, specially using a UserNamePasswordValidator on the server side – Pascal May 28 '11 at 01:07
  • Sorry Pascal, best I can right now is point you to this http://msdn.microsoft.com/en-us/library/ms731925.aspx – Sam May 29 '11 at 04:31
1

Some weeks ago I also had to connect to a WCF service. I ended up writing the client in .net and using UnmanagedExports https://sites.google.com/site/robertgiesecke/Home/uploads/unmanagedexports

The dll can then be consumed in Delphi like a native dll

doerig
  • 1,857
  • 1
  • 18
  • 26
  • That's a good idea too. This way you get to keep security and don't need basicHttpBinding endpoints anymore. Should be a lot faster too. – Sam Jun 20 '11 at 12:59