How to secure WCF service

Posted on 2011-10-06
Last Modified: 2012-05-12
I have the follosinw wb.config. When I cand this service from ajax over http, it works. But when I try it over secure channel, it fails. What modifications should I do to this file?

        <requestLimits maxQueryString="20000">
            <add header="Content-type" sizeLimit="20000" />
    <modules runAllManagedModulesForAllRequests="true">
      <add name="ContentTypeHttpModule"
             type="ContentTypeHttpModule.ContentTypeHttpModule, ContentTypeHttpModule" />
    <httpRuntime maxQueryStringLength="20000" maxRequestLength="20000"/>
        <add name="HttpGet"/>
        <add name="HttpPost"/>
    <compilation debug="true" targetFramework="4.0">
        <add assembly="System.Data.Entity, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    <identity impersonate="false" />
    <authentication mode="Windows" />

          <serviceMetadata httpGetEnabled="true" httpGetUrl=""/>
          <serviceAuthorization serviceAuthorizationManagerType="statevault.APIKeyAuthorization, statevault" />
        <standardEndpoint automaticFormatSelectionEnabled="true" helpEnabled="true" crossDomainScriptAccessEnabled="true" />
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />

Open in new window

Question by:adriandragomirescu
    LVL 8

    Accepted Solution


     Step1: Install the WSE2.0 Service Pack.

    Step2: Open a project (applies to both windows and web applications) and right click the solution file.

    Step3: On Clicking on the WSE Settings2.0 window a popup properties windows as shown below will be displayed. Check the on "Enable the project for Web Services Enhancements" check box.

    Step4: Steps 1 through step3 should be repeated for the project where the web service is hosted.

    Step5: Now let's write a simple piece of code which accesses the web service method on which the WSE2.0 settings have been implemented.

    Assuming we have a Web Service named Weatherservice already exists we write the following lines of code to access a method called GetTemperature ( ) in the project accessing the Weather web service.

    Weatherservice wservice = new Weatherservice();
    // Get the SoapContext object for the message
    SoapContext context = wservice.RequestSoapContext;
    // Instantiate a new UsernameToken object.
    UsernameToken token = new UsernameToken (name,
    Password, PasswordOption.SendNone);
    // Add the token to the SoapContext.
    // Generate a signature using the username token,
    // and add the signature to the SoapContext.
    context.Security.Elements.Add(new Signature(token));
    // Call the Web method.
    String temperature = service.GetTemperature();
    catch(Exception ex)
    // Error handling

    Hope it may helpful to you.

    LVL 8

    Expert Comment


    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Here I am going to explain creating proxies at runtime for WCF Service. So basically we use to generate proxies using Add Service Reference and then giving the Url of the WCF service then generate proxy files at client side. Ok, what if something ge…
    Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now