Sybux
asked on
WCF, anonymous access, Error 401
Hi all,
I've wrote a WCF vn.net service. All test run nicely on my local computer (as usual), On the final computer also when I was testing, but if i try to acces the WCF with a user not identified on my domain, I got the borring 401 error message.
I know it's something wrong inside my web.config but I can't locate the error. here is the file:
Thx
I've wrote a WCF vn.net service. All test run nicely on my local computer (as usual), On the final computer also when I was testing, but if i try to acces the WCF with a user not identified on my domain, I got the borring 401 error message.
I know it's something wrong inside my web.config but I can't locate the error. here is the file:
Thx
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<configSections>
<sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
<sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" />
<section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
<section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
<section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
</sectionGroup>
</sectionGroup>
</sectionGroup>
</configSections>
<appSettings/>
<connectionStrings/>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
Visual Basic options:
Set strict="true" to disallow all data type conversions
where data loss can occur.
Set explicit="true" to force declaration of all variables.
-->
<compilation debug="true" strict="false" explicit="true">
<assemblies>
<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</assemblies>
</compilation>
<pages>
<namespaces>
<clear />
<add namespace="System" />
<add namespace="System.Collections" />
<add namespace="System.Collections.Specialized" />
<add namespace="System.Configuration" />
<add namespace="System.Text" />
<add namespace="System.Text.RegularExpressions" />
<add namespace="System.Linq" />
<add namespace="System.Web" />
<add namespace="System.Web.Caching" />
<add namespace="System.Web.SessionState" />
<add namespace="System.Web.Security" />
<add namespace="System.Web.Profile" />
<add namespace="System.Web.UI" />
<add namespace="System.Web.UI.WebControls" />
<add namespace="System.Web.UI.WebControls.WebParts" />
<add namespace="System.Web.UI.HtmlControls" />
</namespaces>
<controls>
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</controls>
</pages>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<httpHandlers>
<remove verb="*" path="*.asmx"/>
<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
</httpHandlers>
<httpModules>
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</httpModules>
<trace enabled="true" localOnly="false"/>
</system.web>
<system.codedom>
<compilers>
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4"
type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<providerOption name="CompilerVersion" value="v3.5"/>
<providerOption name="OptionInfer" value="true"/>
<providerOption name="WarnAsError" value="false"/>
</compiler>
</compilers>
</system.codedom>
<!--
The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules>
<add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</modules>
<handlers>
<remove name="WebServiceHandlerFactory-Integrated"/>
<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode"
type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode"
type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</handlers>
</system.webServer>
<system.serviceModel>
<services>
<service behaviorConfiguration="CI_Management.BeamerBehavior" name="CI_Management.Beamer">
<endpoint address="ws" binding="wsHttpBinding" contract="CI_Management.IBeamer">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
<service behaviorConfiguration="CI_Management.ManagementBehavior" name="CI_Management.Management">
<endpoint address="ws" binding="wsHttpBinding" contract="CI_Management.IManagement">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CI_Management.BeamerBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
<behavior name="CI_Management.ManagementBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
ASKER
Sorry, you're right, I've upload the unsaved version of my web.config file.
Authentication mode is set to None.
The strange thing, is that now , I can access to http://myserver/myservice.svc with an anonymous user but If i an application which connect to this service. I got the following new error message :
Exception non gérée : System.ServiceModel.FaultE xception: The message could not
be processed. This is most likely because the action 'http://tempuri.org/IManage
ment/getZZdemo' is incorrect or because the message contains an invalid or expir
ed security context token or because there is a mismatch between bindings. The s
ecurity context token would be invalid if the service aborted the channel due to
inactivity. To prevent the service from aborting idle sessions prematurely incr
ease the Receive timeout on the service endpoint's binding.
Server stack trace:
à System.ServiceModel.Channe ls.Service Channel.Ha ndleReply( ProxyOpera tionRunti
me operation, ProxyRpc& rpc)
à System.ServiceModel.Channe ls.Service Channel.Ca ll(String action, Boolean one
way, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan time
out)
à System.ServiceModel.Channe ls.Service Channel.Ca ll(String action, Boolean one
way, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
à System.ServiceModel.Channe ls.Service ChannelPro xy.InvokeS ervice(IMe thodCallM
essage methodCall, ProxyOperationRuntime operation)
à System.ServiceModel.Channe ls.Service ChannelPro xy.Invoke( IMessage message)
Exception rethrown at [0]:
à System.Runtime.Remoting.Pr oxies.Real Proxy.Hand leReturnMe ssage(IMes sage reqM
sg, IMessage retMsg)
à System.Runtime.Remoting.Pr oxies.Real Proxy.Priv ateInvoke( MessageDat a& msgDat
a, Int32 type)
Authentication mode is set to None.
The strange thing, is that now , I can access to http://myserver/myservice.svc with an anonymous user but If i an application which connect to this service. I got the following new error message :
Exception non gérée : System.ServiceModel.FaultE
be processed. This is most likely because the action 'http://tempuri.org/IManage
ment/getZZdemo' is incorrect or because the message contains an invalid or expir
ed security context token or because there is a mismatch between bindings. The s
ecurity context token would be invalid if the service aborted the channel due to
inactivity. To prevent the service from aborting idle sessions prematurely incr
ease the Receive timeout on the service endpoint's binding.
Server stack trace:
à System.ServiceModel.Channe
me operation, ProxyRpc& rpc)
à System.ServiceModel.Channe
way, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan time
out)
à System.ServiceModel.Channe
way, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
à System.ServiceModel.Channe
essage methodCall, ProxyOperationRuntime operation)
à System.ServiceModel.Channe
Exception rethrown at [0]:
à System.Runtime.Remoting.Pr
sg, IMessage retMsg)
à System.Runtime.Remoting.Pr
a, Int32 type)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You appear to requre Windows authentication
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
So I am a little confused by "but if i try to acces the WCF with a user not identified on my domain, I got the borring 401 error message.
"