T
Thien Tran
I want to register
Kranthi Remala wrote:
How to configure security under this scenario.
24-Feb-09
HI Daniel / Steven,
It was worthwhile reading through the thread yet it does not solve my problem which is very similar but with the "Security" ON!!..
Security is very essential for the service that I am hosting else I could have used BasicHttpBinding as well to configure the client and then apply the SSL manually. But we have gone fir wsHttpBinding as it implicitly support the WS-Security protocol stack.
But, I'm facing the same authentication issue when I'm consuming the wcf service in windows service.
Any help would be greatly apprieciated as I need i urgently.
Regards,
Kranthi
Previous Posts In This Thread:
Error consuming WCF service in Windows Service
Hi
I have a windows service that consumes a WCF service. It works well when I
run this service under my AD account, which is in the admin group of the os.
But if I run it under the defaul Local System account, it reports error like
the following
---The socket connection was aborted. This could be caused by an error
processing your message or a receive timeout being exceeded by the remote
host, or an underlying network resource issue. Local socket timeout was
'00:10:00'
Server stack trace:
at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout, Boolean closing
at System.ServiceModel.Channels.SocketConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout
at System.ServiceModel.Channels.DelegatingConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout
at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer,
Int32 offset, Int32 count, TimeSpan timeout
at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer,
Int32 offset, Int32 count
at System.Net.Security.NegotiateStream.Read(Byte[] buffer, Int32 offset,
Int32 count
at System.ServiceModel.Channels.StreamConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection
connection, TimeoutHelper& timeoutHelper
at
System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout
at
System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan
timeout, CallOnceManager cascade
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan
timeout
at System.ServiceModel.Channels.ServiceChannel.Call(String action,
Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs,
TimeSpan timeout
at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type
--
I can't figure why it doesn't work in the defaul account, is there any
security issue
Thanks
Daniel
Hi Daniel,From your description, you're encountering some problem when try
Hi Daniel
From your description, you're encountering some problem when try consuming
a WCF service in a windows service application. Also, the problem occurs
when you use LOCAL SYSTEM to run the windows service(work well if use a
domain account), correct?
From a general view, the problem does be likely due to
security/authentication related issue. Would you provide some further
information about your WCF service such as whether it has used transport
security or message layer security and whether it use windows
authentication and require a client identity when accessing it? Since
LOCAL SYSTEM is a local account, when you accessing the remote service and
the service require a valid windows identity, it may not recognize the
LOCAL SYSTEM identity of your client machine(where the windows service
runs).
Also, for test, you can try a simple WCF service without
authentication/security to see whether it can be called correctly.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
os.
like
buffer,
buffer,
offset,
(IConnection connection, ArraySegment`1 preamble, TimeoutHelper&
timeoutHelper)
tionPoolHelper.AcceptPooledConnection(IConnection
pan timeout)
pan timeout)
timeout)
timeout)
an
outs,
essage methodCall, ProxyOperationRuntime operation)
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
Thanks, Steven.
Thanks, Steven. This is the security setting in the service:
<netTcpBinding>
<binding name="NewBinding0" closeTimeout="00:02:00"
openTimeout="00:02:00" receiveTimeout="00:30:00" sendTimeout="00:30:00"
maxConnections="100" maxReceivedMessageSize="655360000">
<security>
<transport protectionLevel="None" />
</security>
</binding>
</netTcpBinding>
I don't really need the message be protected, security isn't an issue yet,
so if there is anyway to get the Local System calling the service, security
could be sacrificed.
Daniel
:
Hi Daniel,Thanks for your reply.
Hi Daniel,
Thanks for your reply.
Yes, the security related setting of WCF service endpoing is in the binding
configuration area. However, I noticed that you only set the
"protectionLevel" of the netTcpBinding to "none", this means that there is
no encryption and integrity protect for the transferred messages and
authentication will still exists. I think you can try the following
setting to completely turn off the security(for test purpose):
=======================
<bindings>
<netTcpBinding>
<binding name="netTcpBindingConfig" >
<security mode="None" >
<transport protectionLevel="None"/>
</security>
</binding>
</netTcpBinding>
</bindings>
========================
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
<sAcF#[email protected]>
security
consuming
and
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
issues
follow
the
situations
best
contacting
rights.
when I
the
remote
timeout)
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
It works. Thanks a lot, Steven!Daniel
It works. Thanks a lot, Steven!
Daniel
Thanks for your quick reply Daniel,Well, that tells us the problem does be the
Thanks for your quick reply Daniel,
Well, that tells us the problem does be the security context(and the WCF
authentication). Though you may work with security turned off, I still
suggest you have a look at the WCF stuffs and apply some basic security
features so as to make your service secured(also useful for future
cases...):
http://msdn2.microsoft.com/en-us/library/ms735093.aspx
http://msdn2.microsoft.com/en-us/library/ms731925.aspx
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
<sAcF#[email protected]>
<[email protected]>
<[email protected]>
How to configure security under this scenario.
HI Daniel / Steven,
It was worthwhile reading through the thread yet it does not solve my problem which is very similar but with the "Security" ON!!..
Security is very essential for the service that I am hosting else I could have used BasicHttpBinding as well to configure the client and then apply the SSL manually. But we have gone fir wsHttpBinding as it implicitly support the WS-Security protocol stack.
But, I'm facing the same authentication issue when I'm consuming the wcf service in windows service.
Any help would be greatly apprieciated as I need i urgently.
Regards,
Kranthi
Submitted via EggHeadCafe - Software Developer Portal of Choice
Free Online Courses Available for Eggheadcafe.com Users
http://www.eggheadcafe.com/tutorial...8-fc3cf6855293/free-online-courses-avail.aspx
Kranthi Remala wrote:
How to configure security under this scenario.
24-Feb-09
HI Daniel / Steven,
It was worthwhile reading through the thread yet it does not solve my problem which is very similar but with the "Security" ON!!..
Security is very essential for the service that I am hosting else I could have used BasicHttpBinding as well to configure the client and then apply the SSL manually. But we have gone fir wsHttpBinding as it implicitly support the WS-Security protocol stack.
But, I'm facing the same authentication issue when I'm consuming the wcf service in windows service.
Any help would be greatly apprieciated as I need i urgently.
Regards,
Kranthi
Previous Posts In This Thread:
Error consuming WCF service in Windows Service
Hi
I have a windows service that consumes a WCF service. It works well when I
run this service under my AD account, which is in the admin group of the os.
But if I run it under the defaul Local System account, it reports error like
the following
---The socket connection was aborted. This could be caused by an error
processing your message or a receive timeout being exceeded by the remote
host, or an underlying network resource issue. Local socket timeout was
'00:10:00'
Server stack trace:
at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout, Boolean closing
at System.ServiceModel.Channels.SocketConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout
at System.ServiceModel.Channels.DelegatingConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout
at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer,
Int32 offset, Int32 count, TimeSpan timeout
at System.ServiceModel.Channels.ConnectionStream.Read(Byte[] buffer,
Int32 offset, Int32 count
at System.Net.Security.NegotiateStream.Read(Byte[] buffer, Int32 offset,
Int32 count
at System.ServiceModel.Channels.StreamConnection.Read(Byte[] buffer,
Int32 offset, Int32 size, TimeSpan timeout
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection
connection, TimeoutHelper& timeoutHelper
at
System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout
at
System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout
at
System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan
timeout, CallOnceManager cascade
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan
timeout
at System.ServiceModel.Channels.ServiceChannel.Call(String action,
Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs,
TimeSpan timeout
at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type
--
I can't figure why it doesn't work in the defaul account, is there any
security issue
Thanks
Daniel
Hi Daniel,From your description, you're encountering some problem when try
Hi Daniel
From your description, you're encountering some problem when try consuming
a WCF service in a windows service application. Also, the problem occurs
when you use LOCAL SYSTEM to run the windows service(work well if use a
domain account), correct?
From a general view, the problem does be likely due to
security/authentication related issue. Would you provide some further
information about your WCF service such as whether it has used transport
security or message layer security and whether it use windows
authentication and require a client identity when accessing it? Since
LOCAL SYSTEM is a local account, when you accessing the remote service and
the service require a valid windows identity, it may not recognize the
LOCAL SYSTEM identity of your client machine(where the windows service
runs).
Also, for test, you can try a simple WCF service without
authentication/security to see whether it can be called correctly.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
os.
like
buffer,
buffer,
offset,
(IConnection connection, ArraySegment`1 preamble, TimeoutHelper&
timeoutHelper)
tionPoolHelper.AcceptPooledConnection(IConnection
pan timeout)
pan timeout)
timeout)
timeout)
an
outs,
essage methodCall, ProxyOperationRuntime operation)
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
Thanks, Steven.
Thanks, Steven. This is the security setting in the service:
<netTcpBinding>
<binding name="NewBinding0" closeTimeout="00:02:00"
openTimeout="00:02:00" receiveTimeout="00:30:00" sendTimeout="00:30:00"
maxConnections="100" maxReceivedMessageSize="655360000">
<security>
<transport protectionLevel="None" />
</security>
</binding>
</netTcpBinding>
I don't really need the message be protected, security isn't an issue yet,
so if there is anyway to get the Local System calling the service, security
could be sacrificed.
Daniel
:
Hi Daniel,Thanks for your reply.
Hi Daniel,
Thanks for your reply.
Yes, the security related setting of WCF service endpoing is in the binding
configuration area. However, I noticed that you only set the
"protectionLevel" of the netTcpBinding to "none", this means that there is
no encryption and integrity protect for the transferred messages and
authentication will still exists. I think you can try the following
setting to completely turn off the security(for test purpose):
=======================
<bindings>
<netTcpBinding>
<binding name="netTcpBindingConfig" >
<security mode="None" >
<transport protectionLevel="None"/>
</security>
</binding>
</netTcpBinding>
</bindings>
========================
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
<sAcF#[email protected]>
security
consuming
and
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
issues
follow
the
situations
best
contacting
rights.
when I
the
remote
timeout)
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
It works. Thanks a lot, Steven!Daniel
It works. Thanks a lot, Steven!
Daniel
Thanks for your quick reply Daniel,Well, that tells us the problem does be the
Thanks for your quick reply Daniel,
Well, that tells us the problem does be the security context(and the WCF
authentication). Though you may work with security turned off, I still
suggest you have a look at the WCF stuffs and apply some basic security
features so as to make your service secured(also useful for future
cases...):
http://msdn2.microsoft.com/en-us/library/ms735093.aspx
http://msdn2.microsoft.com/en-us/library/ms731925.aspx
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
<sAcF#[email protected]>
<[email protected]>
<[email protected]>
How to configure security under this scenario.
HI Daniel / Steven,
It was worthwhile reading through the thread yet it does not solve my problem which is very similar but with the "Security" ON!!..
Security is very essential for the service that I am hosting else I could have used BasicHttpBinding as well to configure the client and then apply the SSL manually. But we have gone fir wsHttpBinding as it implicitly support the WS-Security protocol stack.
But, I'm facing the same authentication issue when I'm consuming the wcf service in windows service.
Any help would be greatly apprieciated as I need i urgently.
Regards,
Kranthi
Submitted via EggHeadCafe - Software Developer Portal of Choice
Free Online Courses Available for Eggheadcafe.com Users
http://www.eggheadcafe.com/tutorial...8-fc3cf6855293/free-online-courses-avail.aspx