Problem adding web services wsdl

Hi, I'm using vs2013 , and C#
I'm getting this dialog when I clicked Go button after I enter the url for the wsdl.  Clear text sounds terrible!  Is there a way to configure in VS to have my credential sent encrypted instead?

Also, the Namespace textbox in the Add Service Reference dialog, do I put in any name I want for Namespace reference for all classes in this wsdl?

Also, the API requires credential so I enter the service account credential then it just repeatedly poping up the Web Discovery Service dialog as attached file, and asked is I want to continue.  I clicked yes, enter the credential again and it just goes right back to the same dialog.  What's going on here?  It doesn't complaint that it's credential, instead is just goes in a loop of keep asking me to enter credential.

Thank you.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lapuccaAuthor Commented:
Okay, I finally see the Error detail in the Add Service Ref dialog.  It says the following.  Does this mean the credential I entered is invalid?  Thank you.

"Metadata contains a reference that cannot be resolved: ''.
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="XXXXXX API"'.
The remote server returned an error: (401) Unauthorized.
If the service is defined in the current solution, try building the solution and adding the service reference again."
Randy DownsOWNERCommented:
Maybe this will help.

The Authentication Methods dialog box allows you to configure how users can access the virtual directory or file. To pass the user's credentials via the HTTP headers, you can use Basic or Digest authentication. Neither Basic nor Digest authentication provides any mechanism to secure the message. The mechanism for passing the user credentials is defined by RFC 2617: HTTP Authentication: Basic and Digest Access Authentication. Essentially, an HTTP header named Authorization is used to pass the username and password. For Basic authentication, the username/password combination is sent in clear text. Well, not exactly. The username and password are actually sent using base64 encoding, which is simply clear text. For those of you who are not familiar with base64 encoding, it is a way to take binary data and present that data as text. No secrets/keys are used when encoding the data. If you choose to use Basic authentication, you should only accept those credentials over SSL. This protects the Web service and the caller from an entity that was sniffing the channel in an attempt to capture a valid set of credentials.
Another option is to use Digest authentication. If you make this choice, understand that many SOAP toolkits do not support Digest authentication. As a result, you are limiting the number of toolkits that can use the Web service. Use Digest authentication when you want to know the caller's identity, target SOAP toolkits contain support for Digest authentication, and the contents of the SOAP messages are not particularly important. Digest authentication encrypts the caller's credentials using a shared secret called a nonce.
Both Basic and Digest authentication use challenge-response mechanisms. Because of this, several requests and responses will go between the client and the receiver before any Web method invocation even takes place. In Basic authentication, the challenge and response can be fairly quick. In fact, a client can provide Basic credentials ahead of time if it knows that Basic authentication is required. This speed-up can be of marginal value in an SSL-based connection where the server certificate needs to be verified and a session key is established. In Digest authentication, the nonce needs to be exchanged before the credentials are encrypted. Again, this requires some handshaking to occur before any Web service code gets executed.
lapuccaAuthor Commented:
I am consuming APIs in this project.  What you said, "The Authentication Methods dialog box allows you to configure how users can access the virtual directory or file. "  that only applies to if I was creating APIs?  And where is this dialog box?

What about the Namespace question I have?

The message I got, does that mean the credential I entered is not authorized by the APIs or am I not referencing the apis correctly?

Thank you.
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

lapuccaAuthor Commented:
I do want to thank you for the wonderful information on the 2 types of authentications.  This is SSL and I believe these are servers are behind firewall so I'm okay with the basic communication.  Thank you for the education.
Randy DownsOWNERCommented:
Did you change the name of the service at some point like this?

I had created a WCF Service (Employee.svc) and later changed the named to EmployeeService.svc.

Dont forget to build your WCF project after changing the service name.
lapuccaAuthor Commented:
When I enter '' in the browser I see a XML file as the wsdl definition file for the APIs ( I think that's what it is).  If I use this url and entered into the Add Service Reference dialog, it shows "No services found in the solution".  Why is that so?  Is this url only to see the wsdl definition file?  Thank you.
lapuccaAuthor Commented:
I just have a web form project where I need to consume these APIs from a 3rd party vendor product.  I didn't create these API services, I'm just consuming them.

Do I need to know their original Namespace and can I name it to whatever I want?

Also the message, does that mean the credential I supplied is not authorized to access the APIs?

Thank you.
Randy DownsOWNERCommented:
Maybe this will help on Namespace. Try targetNamespace="" since that's where your xml file is.

A WSDL definition is an XML document with a root definition element from the namespace. The entire WSDL schema is available at for your reference. The definitions element may contain several other elements including types, message, portType, binding, and service, all of which come from the namespace. The following illustrates the basic structure of a WSDL definition:

<!-- WSDL definition structure -->
   <!-- abstract definitions -->
    <types> ...
    <message> ...
   <portType> ...

   <!-- concrete definitions -->
   <binding> ...
   <service> ...

Open in new window

Notice that you must specify a target namespace for your WSDL definition, just like you would for an XML Schema definition. Anything that you name in the WSDL definition (like a message, portType, binding, etc.) automatically becomes part of the WSDL definition's target namespace defined by the targetNamespace attribute. Hence, when you reference something by name in your WSDL file, you must remember to use a qualified name.
lapuccaAuthor Commented:
This is what the 3rd party vendor says about their APIs, below.  Do I have to do anything in the web.config file to be able to add these references?  Like discussed here,

The API service endpoint employs the use of Simple Object Access Protocol (SOAP, version 1.1) as the transport specification and Hypertext Transfer Protocol Secure (HTTPS) as the transport protocol. XML is used as the data exchange format to ensure the validation of structured message data conforms to the specification of the API. The API also employs the use of Message Transmission Optimization Mechanism (MTOM), a method for efficiently sending/receiving binary data, utilized when exchanging documents.

The XXXXX API makes available a Web Service Description Language (WSDL), published through its service endpoint, which describes the manner in which the service may be called, details the available service operations, and specifies the message structures.
A client application must be built in congruence with the service specification as provided by the WSDL. Any number of technologies may be used to build the client.

Thank you.
lapuccaAuthor Commented:
sorry but I think I wasn't clear about which Namespace I'm referring to.  Please see the attached jpg where the red circled area that says Namespace is what I'm referring to.  Thank you.
Randy DownsOWNERCommented:
It looks like they want you to use SSL

Hypertext Transfer Protocol Secure (HTTPS) as the transport protocol
lapuccaAuthor Commented:
Here is the jpg
Randy DownsOWNERCommented:
Try this:

This may also help.
lapuccaAuthor Commented:
The link you provided for "Try this:"  Gives me WARNINGS.

So looking at the message, do you think it's because I'm not authorized with the credential I entered or not?
Thank you.
Randy DownsOWNERCommented:
OK you are using a real path rather than "", correct?

If you are getting this error then the remote server doesn't see you as authorized. Are the credentials in your xml file? Maybe you need to verify those with the vendor. If you are truly connecting they are probably logging the attempt.

Metadata contains a reference that cannot be resolved: ''.
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="XXXXXX API"'.
The remote server returned an error: (401) Unauthorized.
If the service is defined in the current solution, try building the solution and adding the service reference again.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
lapuccaAuthor Commented:
Yes, Randy, I'm using real path.  I just comment it out.  I was given this service path but it doesn't end with .wsdl, is that correct?
Vendor's product and their APIs are installed on our Dev server.  

I only enter the credential in the "Add Service Reference" dialog.  I don't know which XML file are you referring to.  Is that the web.config file?

Thank you.
Randy DownsOWNERCommented:
Yes just the folder path. In this case the remote server will likely be your DEV server. It sounds like you are trying to connect via HTTP anonymously. Have you tried rebuilding solutio9n?

WSDL is written in XML but you are not getting credentials from there.
lapuccaAuthor Commented:
I don't believe I'm connecting via http.  In the " "Add Service Reference" dialog" I entered the "" as the service url, notice it is https.

I don't know why the error message says it's HTTP.  I think it's MS message bug not detecting the https in my service url.

I'm emailing the vendor who installed the product and the API to make sure I have proper permission.  I just want to have your help here to make sure I've done everything correctly before I asked the technical support at the Vendor's so I don't look like an aXX.  It's been a while since I code or consume web services.

Thank you.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Services

From novice to tech pro — start learning today.