I've seen a lot of information surrounding security with a WCF RESTful service but all of them are way more involved than I feel that I need.

Here is my situation: I have a WCF REST service up and running on a Windows Server 2012/IIS server.  I can, of course, make calls to it from my browser (any browser on any machine).

The only thing that I'd like to change is that I only want *my* client app(s) to be able to make calls to the service.  This is not a public/API type service and won't be.

So far the leading candidate is using HTTP Basic Auth (with an SSL connection), but even that appears to be inordinately complicated to set up.

What are my options?

I have a WFC Data Service that is running in IIS 8.0.  The service is retrieving and supplying data for a Sync Framework Project. The service is querying data from SQL Server as seen in SQL Server Profiler, but stops after about 60 seconds of retrieving that data. I figure it has to be a time limit somewhere, but I've changed everywhere I can think of. I've increased all of the timeouts in the application pool to 10 minutes and have added a basicHTTPBinding to the web.config with time limits 10 minutes. I have logging in place, but it is producing no logs at all. Any help would be greatly appreciated.

Thanks.

CEDeveloper

I have a WFC Data Service that is running in IIS 8.0.  The service is retrieving and supplying data for a Sync Framework Project. The service is querying data from SQL Server as seen in SQL Server Profiler, but stops after about 60 seconds of retrieving that data. I figure it has to be a time limit somewhere, but I've changed everywhere I can think of. I've increased all of the timeouts in the application pool to 10 minutes and have added a basicHTTPBinding to the web.config with time limits 10 minutes. I have logging in place, but it is producing no logs at all. Any help would be greatly appreciated.

Thanks.

CEDeveloper

Hi,

I'm using SAP Gateway for Microsoft to perform CRUD operations. Read operation is working fine, whereas i got an error during post(create) / put(update). how to rectify the below error.

Error:<?xml version="1.0" encoding="utf-8"?><error xmlns="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><code>/IWCOR/CX_DS_BAD_REQUEST/005056A509B11ED1B9BF94F386DD82E6</code><message xml:lang="en">The Data Services Request could not be understood due to malformed syntax</message><innererror><transactionid>E5D602E617DFF1F98162005056BE704A</transactionid><errordetails/></innererror></error>

        public static Customer AddCustomerDetailGW(Customer cust)
        {
            ApplicationConfigReader.ConfigFilePath = new Uri(System.Reflection.Assembly.GetExecutingAssembly().CodeBase).LocalPath;
            ServiceDetails serviceDetail = ConfigurationReaderHandler.Instance.GetServiceDetails("ZCUSTOMER_DETAILS_SRV");
            ZCUSTOMER_DETAILS_SRV.ZCUSTOMER_DETAILS_SRV serviceContext = new ZCUSTOMER_DETAILS_SRV.ZCUSTOMER_DETAILS_SRV(new Uri(serviceDetail.Url));
            //serviceContext.AddAndUpdateResponsePreference = DataServiceResponsePreference.IncludeContent;
            serviceContext.AddToCustomerSet(cust);
            //serviceContext.AddObject("CustomerSet", cust);
            DataServiceResponse response = serviceContext.SaveChanges();//*****error*****
            Console.WriteLine(response.ToString());

            return cust;
        }

Anandhan.S Remember to 'mark or propose as answer' or 'vote as helpful' as appropriate.

Hi,

How can i apply sql date function Getdate() on context entities. Please help me.

Hello,

I have a WCF REST service that uses transport security with certificates to authenticate inbound connections.  I had a functioning installation stop working about 10 days ago when we updated the server certificate bound to the port as the old one had expired.  Everything about the updated installation appears correct.  I have performed a network trace and captured the service logs as well. 

The service logs show this error when a client is trying to establish the connection:
Client certificate is invalid with native error code 0x110 (see http://go.microsoft.com/fwlink/?LinkId=187517 for details).

This page shows several types of certificate errors but I can't figure out if one of them represents 0x110.  Can you help me figure out what is wrong with the certificate - do I need a new one or is something wrong with the installation?

Here are links to the complete trace and service logs.  
Trace Log
Service Log

Thank you in advance!

Glenn

I could pass xmldocument to web service as input param   but not to WCF,both are using SOAP.

 XMLDocument is not serializable so its not accepting,then why its accepting for webservice.Please help.

Help Please. I was trying to access WCF service exposed to a service bus relay endpoint using HttpWebRequest (REST).

I successfully got a token from ACS via OAuth WRAP Protocol. Using that token as a authorization in a request header, I created a WebRequest to communicate with the WCF service with an endpoint configured as WebHttpRelayBinding and a WCF service method applied with OperationContractAttribute and WebGetAttribute.

When I run the client application I got following error:

The message with To 'https://namespace.servicebus.windows.net/Student/GetInfo/GetStudentInfo/1' cannot be processed at the receiver, due to an AddressFilter mismatch at the EndpointDispatcher. Check that the sender and receiver's EndpointAddresses agree.

I googled and found a suggestion to apply following attribute to the service class:

[ServiceBehavior(AddressFilterMode=AddressFilterMode.Any)]

Although this resolved the previous error, but now the client application is ending up with following error:

The message with Action 'GET' cannot be processed at the receiver, due to a ContractFilter mismatch at the EndpointDispatcher. This may be because of either a contract mismatch (mismatched Actions between sender and receiver) or a binding/security mismatch between the sender and the receiver. Check that sender and receiver have the same contract and the same binding (including security requirements, e.g. Message, Transport, None).

I found that this could be due to following reasons:

• You have different contracts between client and sender.
• You're using a different binding between client and sender.
• The message security settings are not consistent between client and sender.

As far as contract is concerned, I have exposed an operation contract via a WebGetAttribute defining a REST uri to access the method.

I don't know if it is necessary to provide binding information while accessing a WCF service through HttpWebRequest (REST). If so, How?

I haven't applied any security settings in the service except Azure Service Bus shared secret that I have provided in the header of an HttpWebRequest.

Below is my code for both Service and a client consuming the service.

WCF Service Code:

[ServiceContract]interfaceIStudentInfo{[OperationContract][WebGet(ResponseFormat=WebMessageFormat.Xml,UriTemplate="/GetStudentInfo/{studentId}")]stringGetStudentInfo(string studentId);}[ServiceBehavior(AddressFilterMode=AddressFilterMode.Any)]privateclassStudentInfo:IStudentInfo{stringIStudentInfo.GetStudentInfo(string studentId){string returnString =null;// .....return returnString;}}publicvoidRun(){Console.WriteLine("LISTENER");Console.WriteLine("========");string serviceNamespace ="namespace";string issuerName ="owner";string issuerKey ="key";string servicePath ="Student/GetInfo";ServiceHost sh =newServiceHost(typeof(StudentInfo));// BindingWebHttpRelayBinding binding2 =newWebHttpRelayBinding();Uri uri =ServiceBusEnvironment.CreateServiceUri(Uri.UriSchemeHttps, serviceNamespace, servicePath);Console.WriteLine("Service Uri: "+ uri);Console.WriteLine();

            sh.AddServiceEndpoint(typeof(IStudentInfo), binding2, uri);// Create the ServiceRegistrySettings behavior for the endpoint.var serviceRegistrySettings =newServiceRegistrySettings(DiscoveryType.Public);// Create the shared secret credentials object for the endpoint matching the // Azure access control services issuer var sharedSecretServiceBusCredential =newTransportClientEndpointBehavior(){TokenProvider=TokenProvider.CreateSharedSecretTokenProvider(issuerName, issuerKey)};// Add the service bus credentials to all endpoints specified in configuration.foreach(var endpoint in sh.Description.Endpoints){
                endpoint.Behaviors.Add(serviceRegistrySettings);
                endpoint.Behaviors.Add(sharedSecretServiceBusCredential);}

            sh.Open();Console.WriteLine("Press ENTER to close");Console.ReadLine();

            sh.Close();}

Service Consuming Code:

staticvoidMain(string[] args){var studentId ="1";string _token =GetToken();Console.WriteLine(_token);// Create and configure the Requestvar httpWebRequest =(HttpWebRequest)WebRequest.Create("https://namespace.servicebus.windows.net/Student/GetInfo/GetStudentInfo/"+ studentId);
        httpWebRequest.ContentType="text/json";
        httpWebRequest.Method="GET";
        httpWebRequest.Headers.Add(HttpRequestHeader.Authorization,string.Format("WRAP access_token=\"{0}\"", _token));// Get the response using the RequestHttpWebResponse response = httpWebRequest.GetResponse()asHttpWebResponse;// Read the stream from the response objectStream stream = response.GetResponseStream();StreamReader reader =newStreamReader(stream);// Read the result from the stream readerstring result = reader.ReadToEnd();Console.WriteLine("Result: "+ result);Console.ReadLine();}staticstringGetToken(){string base_address =string.Format("https://namespace-sb.accesscontrol.windows.net");string wrap_name ="owner";string wrap_password ="key";string wrap_scope ="http://namespace.servicebus.windows.net/";

blog: <a href="http://technologynotesforyou.wordpress.com">http://technologynotesforyou.wordpress.com</a> | skype: ali.net.pk

Can a WCF client connect to a WCF service using message level security on a server with only TLS 1.1 and TLS 1.2 enabled (TLS 1.0/SSL3 are disabled)?  I'm using anonymous authentication.  I have tried to add the following line to my code:

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12 | System.Net.SecurityProtocolType.Tls11;

without success.  Does this only work for transport security?  If so, how do you connect with message level security?  The following error is being issued:

"The caller was not authenticated by the service.

The request for security token could not be satisfied because authentication failed."

Hello,

When I try to insert new Entities into my DataServiceContext (projected type), i get an exception saying that "the type X is not compatible with the expected type Y".

Although the MSDN-Page about projection Claims that this should be no problem:
"When inserts are made to a projected type that does not contain all of the properties of the entity in the data model of the data service, the properties not included in the projection at the client are set to their default values. "

I created a complete example demonstrating the Problem (One-Drive link):

https://onedrive.live.com/redir?resid=F8DF0DE4DFA37CA6!110&authkey=!AJFW7KCnhbUCS4Y&ithint=file%2czip

as you can see in the client-Project, if this line is un-commented, no exception:

//ctx.AddAndUpdateResponsePreference = DataServiceResponsePreference.NoContent;//when this line is uncommented, there will be no exception

It seems that the "updated/inserted" Entity is sent back from the Server, but the DataServiceContext expects it to be the "projected type"....So....how should i "fix" it? Is this working as "expected" (and is poorly documented on the MSDN-page?)

Regards

Johannes Colmsee

P.S.: my "real life" Project is using DbContext (EntityFramework) as DataSource for the DataService (in this example, i created half-assed reflection Provider, but that is not the Point of interest. I get the exact same exception with the "real" dataservice)

P.P.S.: It seems that only inserts are affected (maybe the "updated" Entity is sent back in some circumstances, not sure, but for insert it is sent back in all cases).

Also - I found out, that you can fix it by using a new ResolveType Function (which returns the client-type instead the Service Clients Proxy class type).

I'm updating a table with some new values using WCF dataservice using a WPF client.

I also use a view to populate some status values in my application.

The view does not reflect the changes in the table when I run a new query using the view.

How do I force a refresh on the view to reflect the changes in the table?

I want to impl a command in OData Service like $filter or $skip or $top.

How to do it?

Hi,

I'm busy developing a WCF service, but I notice something strange. After a call to the service, the results appear twice. I took screenshots, maybe that explains better. On the serverside everything looks fine :

The class listCompanyForm contains a collection and a callResult object where errors are stored in case something goes wrong. So this looks ok to me. However on the clientside it looks different, everything appears twice. I see a "Collection" and a "CollectionField" and a "callResult" and a "callResultField". Both contains the same data. And I have no idea what the extensionDataField means. The classes are not derived from IExtensibleDataObject.

Here is the code of the datacontracts :

namespace TransmissionService
{
    [DataContract]
    public  class CompanyForm
    {
        [DataMember(Order = 0)]
        public int Id { get; set; }

        [DataMember(Order = 1)]
        public string Description { get; set; }
    }

    [DataContract]
    public class ListCompanyForm
    {
        [DataMember(Order = 0)]
        public List<CompanyForm> companyFormCollection = new List<CompanyForm>();

        [DataMember(Order = 1)]
        public CallResult callResult = new CallResult();
    }
}

And the implementation code :

        public ListCompanyForm GetCompanyForms(string UserName, string Password)
        {
            ListCompanyForm listCompanyForm = new ListCompanyForm();

            using (FbConnection con = new FbConnection(Functions.GetConnectionString(UserName, Password)))
            {
                string SQL = "SELECT VEN_ID, VEN_CODE FROM TBL_VENNOOTSCHAP";

                try
                {
                    FbCommand com = new FbCommand(SQL, con);
                    con.Open();
                    FbDataReader rdr = com.ExecuteReader();

                    while (rdr.Read())
                    {
                        listCompanyForm.companyFormCollection.Add(new CompanyForm
                        {
                            Id = Convert.ToInt32(rdr[0]),
                            Description = rdr[1].ToString()
                        });
                    }
                }
                catch (Exception e)
                {
                    listCompanyForm.callResult.Success = false;
                    listCompanyForm.callResult.Errors.Add(e.Message);
                }
            }

            return listCompanyForm;
        }

Many thanks in advance !

Steve

I have a WPF application using MVVM and WCF data services.

When I add a record to my context it works fine but if I try to update it fails with "The context is already tracking a different entity with the same resource Uri"

Here is my code:

Hello,

I have created WCF Data Service using Entity Framework. All by default CRUD operations using 'atom+xml' works. But if  I try to do the same with Json its not working. Ihave also used [JSONPSupportBehavior] but still it gives same error 400: Bad request.

How do I post and Put json payload on WCF data Service?

Can I use Odata as data layer, where I would be building a business layer to to invoke the odata services.

Need your help on the feasibility of it  is this a good solution or any other better solution.

Also would like to know how to incorporate Cache like (Redis/NCache) with Odata services.(Design level)

svanamali

Problem Statement - I cannot establish a reference within my application code to a remote producer web service and access its Methods.

Background - I am using the VS-2013 IDE. I am attempting to connect to a SOAP based web service outside my companies network. I have created a consumer proxy within an assembly (named ESACR) that is common to the entire solution. However, VS is reporting the following warning message -

Custom Tool Warning: Cannot import wsdl:binding

Detail: There was an error importing a wsdl:portType that the wsdl:binding is dependent upon.

Problem - I cannot reference the web service probably because of the binding issue above. Not sure if this problem is related to something I am not doing right or is related to the producer.

Any assistance here will be greatly appreciated...

Thanks // Jeff

Hello,

I have created WCF Data Service using Entity Framework. All by default CRUD operations using 'atom+xml' works. But if  I try to do the same with Json its not working. Ihave also used [JSONPSupportBehavior] but still it gives same error 400: Bad request.

How do I post and Put json payload on WCF data Service?

Hi Team ,

I am facing below issue related to the odatacontroller returning result.

I am getting result through API but failed to display on browser . On browser it throws me '406 Not Acceptable'.

any help ?

Thank You,

Varsharani