Solved

ASP.NET webservice - calling from .NET 4.0

Posted on 2013-01-02
22
758 Views
Last Modified: 2013-03-27
I am trying to call a web service which is a non WCF service (its compiled in .NET4 but uses the older .NET2 protocols)

        Dim sURL As String = txtURL.Text

        c = New ServiceReference1.WebServiceSoapClient("WebServiceSoap", sURL.Trim.TrimEnd("/"c) & "/webservice.asmx")

This works but when I try to consume it it comes up with the errors:

The client certificate is not provided. Specify a client certificate in ClientCredentials.



          <security mode="Message">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
              realm="" />
            <message clientCredentialType="Certificate"
              algorithmSuite="Default" />

          </security>

or with this in app.config

          <security mode="Message">
            <transport clientCredentialType="None" proxyCredentialType="None"
              realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>

I get the error

BasicHttp binding requires that BasicHttpBinding.Security.Message.ClientCredentialType be equivalent to the BasicHttpMessageCredentialType.Certificate credential type for secure messages. Select Transport or TransportWithMessageCredential security for UserName credentials.

Basically what I want is to say in code "connect via windows auth" or "connect via anon auth" - I don't want to be changing app.config since the service could be either of these depending on the server its on - we have locally installed customers with windows auth and we have hosted customers with anon auth - so how can I get past this and have the code decide whether to connect with windows auto or anon auth ?

thanks
0
Comment
Question by:plq
  • 11
  • 6
  • 5
22 Comments
 
LVL 8

Author Comment

by:plq
ID: 38736240
ok I got it working with this in app.config

          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Ntlm" />
          </security>


but what I really want is to be able to specify that in the VB, not in app.config - any ideas please?

thanks
0
 
LVL 16

Expert Comment

by:Stephan
ID: 38739017
You can set on the webserviceclientproxy the type of binding uou like to use. I don't have the exact code because i am on a mobile device
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 38740612
Hi,

It explained here - http://msdn.microsoft.com/en-us/library/ms731884.aspx

Hope it helps u...
0
 
LVL 8

Author Comment

by:plq
ID: 38740681
thanks, but how do I connect "c" to "b"


        c = New ServiceReference1.WebServiceSoapClient("WebServiceSoap", URL.Trim.TrimEnd("/"c) & "/webservice.asmx")


        Dim b As ServiceModel.WSHttpBinding = New ServiceModel.WSHttpBinding(ServiceModel.SecurityMode.TransportWithMessageCredential)
        b.Security.Transport.ClientCredentialType = ServiceModel.HttpClientCredentialType.Windows

i.e. how does windows know to use "b" and not whatever is in app.config or wherever?
0
 
LVL 16

Expert Comment

by:Stephan
ID: 38740703
There should be an overload with the following parameters:
System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 38740722
Hi,

Don't specify in app.config file!

If you specify it in code, then it doesn't require in app.config file, if you specify in both places, i'm not sure how actually it works!

Moreover, it's recommended to update it in app.config file, since it's easy to change in future instead of compiling the code!

Hope it helps u...
0
 
LVL 8

Author Comment

by:plq
ID: 38740854
ok I'm nearly there with this code:

        Dim b As ServiceModel.WSHttpBinding = New ServiceModel.WSHttpBinding(ServiceModel.SecurityMode.TransportWithMessageCredential)
        b.Security.Transport.ClientCredentialType = ServiceModel.HttpClientCredentialType.Windows
        b.Security.Transport.ProxyCredentialType = ServiceModel.HttpProxyCredentialType.None
        b.Security.Transport.Realm = ""

        b.Security.Message.AlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Default
        b.Security.Message.ClientCredentialType = ServiceModel.MessageCredentialType.Windows

        Dim e As New System.ServiceModel.EndpointAddress(URL.Trim.TrimEnd("/"c) & "/webservice.asmx")

        c = New ServiceReference1.WebServiceSoapClient(b, e)


problem is it just won't work with any combination of parameters I've tried this far.

Errors like:

The provided URI scheme 'http' is invalid; expected 'https'.
0
 
LVL 8

Author Comment

by:plq
ID: 38740862
If I change to securitymode.message I get this error:

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'NTLM'.

This is attempting NT authentication with a http web server (not https)
0
 
LVL 8

Author Comment

by:plq
ID: 38744742
still stuck on this :(
0
 
LVL 16

Expert Comment

by:Stephan
ID: 38744836
Could you provide the URL you try to connect? Or a similar one?
0
 
LVL 8

Author Comment

by:plq
ID: 38744850
http://localhost:1271

Its just the asp.net web server
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 16

Expert Comment

by:Stephan
ID: 38744903
Just to get things straight;
- You have a ASP.NET webservice that is only accessible through basic authentication or NTLM?
- You have an application (probably a web or windows forms app?) that tries to connect to it?
- Both are hosted on thesame machine
0
 
LVL 8

Author Comment

by:plq
ID: 38744920
Yes. Well I have two webservices - one hosted on the web which I can test with SSL, that would accept anon auth.

And the dev instance of the same service as above, running in VS 2010 on the same machine - thats the one I'm having this problem with

As you can see the problem is, when I specify the right parameters in app.config, it will work. But when I try to access the dev instance via code setting instead of app.config it refuses to work despite that fact that it seems I have replicated the same settings in code

thanks
0
 
LVL 16

Expert Comment

by:Stephan
ID: 38745054
I've seen you are using Ntlm as setting on the app.config, maybe you need to send it on the transport:

WSHttpBinding binding = new WSHttpBinding(SecurityMode.Transport);
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;

Open in new window

0
 
LVL 8

Author Comment

by:plq
ID: 38745368
thats pretty much what I had, and when I change it to exactly what you suggest, I get the same error:

The provided URI scheme 'http' is invalid; expected 'https'.
Parameter name: via
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 38745938
Hi,

I think you need to set the ClientCredentialType as well -

http://msdn.microsoft.com/en-us/library/ms729789.aspx

Hope it helps u...
0
 
LVL 8

Author Comment

by:plq
ID: 38746384
this
        Dim b As ServiceModel.WSHttpBinding = New ServiceModel.WSHttpBinding(ServiceModel.SecurityMode.Message)
        b.Security.Transport.ClientCredentialType = ServiceModel.HttpClientCredentialType.Ntlm
        b.Security.Transport.ProxyCredentialType = ServiceModel.HttpProxyCredentialType.None

gives
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'NTLM'.

this

        Dim b As ServiceModel.WSHttpBinding = New ServiceModel.WSHttpBinding(ServiceModel.SecurityMode.Message)
        b.Security.Transport.ClientCredentialType = ServiceModel.HttpClientCredentialType.None
        b.Security.Transport.ProxyCredentialType = ServiceModel.HttpProxyCredentialType.None

gives

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'NTLM'.

this

        Dim b As ServiceModel.WSHttpBinding = New ServiceModel.WSHttpBinding(ServiceModel.SecurityMode.Transport)
        b.Security.Transport.ClientCredentialType = ServiceModel.HttpClientCredentialType.None
        b.Security.Transport.ProxyCredentialType = ServiceModel.HttpProxyCredentialType.None

and this

        Dim b As ServiceModel.WSHttpBinding = New ServiceModel.WSHttpBinding(ServiceModel.SecurityMode.Transport)
        b.Security.Transport.ClientCredentialType = ServiceModel.HttpClientCredentialType.Ntlm
        b.Security.Transport.ProxyCredentialType = ServiceModel.HttpProxyCredentialType.None

all give


The provided URI scheme 'http' is invalid; expected 'https'.
Parameter name: via


thanks
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 38748823
Hi,

It's pretty weird that, it's working if the settings is specified in app.config file and not when you code the same!

Moreover did you set the SecuityMode, as you do in the app.config file -

    <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Ntlm" />
          </security>

Open in new window


Check the similar thread - http://stackoverflow.com/questions/1690784/provided-uri-schemehttp-is-invalid-expected-https

Hope it helps u...
0
 
LVL 8

Author Comment

by:plq
ID: 38798223
thanks for helping guys. I'm no further forward with it unfortunately.. I don't know what else we can do :(

This line does, I believe, set the client credential type as per your xml settings above..

    b.Security.Transport.ClientCredentialType = ServiceModel.HttpClientCredentialType.Ntlm
0
 
LVL 23

Accepted Solution

by:
Roopesh Reddy earned 500 total points
ID: 38815329
Hi,

It's strange. Can you post the complete code to test at our end?

It's really suprising to see, it works with config file and not in direct code. May be some thing we are missing there!
0
 
LVL 8

Author Closing Comment

by:plq
ID: 39022842
Never found an answer - gave up.. thanks for trying anyway
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 39025399
I regret it :(
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now