WCF service, legacy client using Basic authentication?

Discussion in 'ASP .Net Security' started by Jeff Stephens, Jun 2, 2009.

  1. I am trying to develop a WCF service hosted in IIS that will be called by a
    Windows Mobile client. Because the client is using the Compact Framework, it
    appears I won't be able to use either WCF or WSE in the client. The web
    service will require authentication. I am therefore trying to use Basic
    Authentication over HTTPS.

    I have a simple WCF service, and a WCF client that works great. But for the
    life of me, I can't get a simple web service client that works. I am using
    VS 2008, the client project is targeted for .NET 2.0, and added a standard
    web reference. I am supplying credentials to the proxy as follows:

    proxy.Credentials = new System.Net.NetworkCredential(@"MyUserName",
    "MyPassword", "MyDomain");

    The config file for my service is as follows:

    <binding name="BasicAuthenticationConfiguration">
    <security mode="Transport">
    <transport clientCredentialType="Basic"/>
    <service name="CalculatorService.Service"
    <add baseAddress="https://MyServer/CalculatorService/Service.svc" />
    contract="CalculatorService.ICalculator" />
    <endpoint address="mex" binding="mexHttpBinding"
    contract="IMetadataExchange" />
    <behavior name="CalculatorServiceBehavior">
    <serviceMetadata httpGetEnabled="true"/>
    <serviceDebug includeExceptionDetailInFaults="true"/>

    The response I get is:

    System.Net.WebException: The request failed with HTTP status 401:

    Oddly enough, if I omit the Domain parameter from the NetworkCredential
    constructor, and instead use "MyDomain\MyUserName" in the UserName parameter,
    I get a "401: Access Denied." response instead of "Unauthorized".

    I'm sure that the credentials I'm using are valid (and indeed the same
    credentials work just fine in the WCF client). It seems to make no
    difference whether I use basicHttpBinding or wsHttpBinding.

    What am I doing wrong? Any suggestions, thoughts, speculation or advice
    would be very welcome at this point!
    Jeff Stephens, Jun 2, 2009
    1. Advertisements

  2. Of course, as soon as I post this, I get it working. The solutions was to
    disable "Integrated Windows authentication" in IIS. Why that would do the
    trick, when I'm passing a Windows domain login, I don't understand. But at
    least the client works now.
    Jeff Stephens, Jun 2, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.