Wcf Basic authentication

Question

Having some trouble using basic authentication with a simple test Wcf service. I am getting an exception:

The requested service, \'http://qld-tgower/test/

Answer 1

Try for both client and server configs

<basicHttpBinding>
    <binding name="BasicHttpBinding_IService">
        <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Basic" />
        </security>
    </binding>
</basicHttpBinding>

Install/Enable basic authentication

You may also need to install and apply basic authentication in IIS.

Goto "Programs and Features" / "Turn windows features on/off ". Enable "basic authentication" somewhere under IIS and security.

I closed and opened the IIS console and was able to enable it under authentication settings.

This of course if for a development testing and it warns you about not having an SSL certificate.

Answer 2

Change the name and contract of the service to include the namespace.

Also, remove the endpoint address (set it to "") and don't include proxyCredentialType in the transport tag.

End result of the web.config should look something like this

  <system.serviceModel>

    <services>
      <service name="MyNameSpace.MyService" behaviorConfiguration="asdf">
        <endpoint address="" binding="basicHttpBinding" 
            bindingConfiguration="httpBinding" contract="MyNameSpace.IMyService" />
      </service>
    </services>

    <diagnostics>
      <endToEndTracing activityTracing="true" messageFlowTracing="true" 
          propagateActivity="true">
      </endToEndTracing>
    </diagnostics>

    <bindings>
      <basicHttpBinding>
        <binding name="httpBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Basic" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>

    <behaviors>
      <serviceBehaviors>
        <behavior name="asdf">
          <!-- To avoid disclosing metadata information, set the value below to 
               false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, 
               set the value below to true.  Set to false before deployment to avoid 
               disclosing exception information -->
          <serviceDebug  includeExceptionDetailInFaults="true" />

        </behavior>
      </serviceBehaviors>
    </behaviors>

    <serviceHostingEnvironment multipleSiteBindingsEnabled="false"/>

  </system.serviceModel>

Answer 3

You're not allowed to use username authentication over an unsecured connection

You can secure the message by using a secure transport (e.g. SSL) or message encryption (using certificates)

I have used ClearUsernameBinding in the past to great success, but I don't recommend it in production. I used it so that I could keep all my authentication code the same without requiring SSL in dev/test environments, but having it work with SSL by changing the configuration only.

Note: that custom binding isn't perfect, and I had to change it a bit to enable certain configuration changes.

Answer 4

This is what solved the issue for me:

<bindings>
  <basicHttpBinding>
    <binding>
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>

For reference see: https://msdn.microsoft.com/en-gb/library/ff648505.aspx