Search Results

Search found 15648 results on 626 pages for 'wcf security'.

Page 42/626 | < Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >

  • EF4 + STE: Reattaching via a WCF Service? Using a new objectcontext each and every time?

    - by Martin
    Hi there, I am planning to use WCF (not ria) in conjunction with Entity Framework 4 and STE (Self tracking entitites). If i understnad this correctly my WCF should return an entity or collection of entities (using LIST for example and not IQueryable) to the client (in my case silverlight) The client then can change the entity or update it. At this point i believe it is self tracking???? This is where i sort of get a bit confused as there are a lot of reported problems with STEs not tracking.. Anyway... Then to update i just need to send back the entity to my WCF service on another method to do the update. I should be creating a new OBJECTCONTEXT everytime? In every method? If i am creaitng a new objectcontext everytime in everymethod on my WCF then don't i need to re-attach the STE to the objectcontext? So basically this alone wouldn't work?? using(var ctx = new MyContext()) { ctx.Orders.ApplyChanges(order); ctx.SaveChanges(); } Or should i be creating the object context once in the constructor of the WCF service so that 1 call and every additional call using the same wcf instance uses the same objectcontext? I could create and destroy the wcf service in each method call from the client - hence creating in effect a new objectcontext each time. I understand that it isn't a good idea to keep the objectcontext alive for very long. Any insight or information would be gratefully appreciated thanks

    Read the article

  • Why are we getting a WCF "Framing error" on some machines but not others

    - by Ian Ringrose
    We have just found we are getting “framing errors” (as reported by the WCF logs) when running our system on some customer test machine. It all works ok on our development machines. We have an abstract base class, with KnownType attributes for all its sub classes. One of it’s subclass is missing it’s DataContract attribute. However it all worked on our test machine! On the customers test machine, we got “framing error” showing up the WCF logs, this is not the error message I have seen in the past when missing a DataContract attribute, or a KnownType attribute. I wish to get to the bottom of this, as we can no longer have confidence in our ability to test the system before giving it to the customer until we can make our machines behave the some as the customer’s machines. Code that try to show what I am talking about, (not the real code) [DataContract()] [KnownType(typeof(SubClass1))] [KnownType(typeof(SubClass2))] // other subclasses with data members public abstract class Base { [DataMember] public int LotsMoreItemsThenThisInRealLife; } /// <summary> /// This works on some machines (not not others) when passed to Contract::DoIt, /// note the missing [DataContract()] /// </summary> public class SubClass1 : Base { // has no data members } /// <summary> /// This works in all cases when passed to Contract::DoIt /// </summary> [DataContract()] public class SubClass2 : Base { // has no data members } public interface IContract { void DoIt(Base[] items); } public static class MyProgram { public static IContract ConntectToServerOverWCF() { // lots of code ... return null; } public static void Startup() { IContract server = ConntectToServerOverWCF(); // this works all of the time server.DoIt(new Base[]{new SubClass2(){LotsMoreItemsThenThisInRealLife=2}}); // this works "in develperment" e.g. on our machines, but not on the customer's test machines! server.DoIt(new Base[] { new SubClass1() { LotsMoreItemsThenThisInRealLife = 2 } }); } }

    Read the article

  • WCF - Return object without serializing?

    - by Mayo
    One of my WCF functions returns an object that has a member variable of a type from another library that is beyond my control. I cannot decorate that library's classes. In fact, I cannot even use DataContractSurrogate because the library's classes have private member variables that are essential to operation (i.e. if I return the object without those private member variables, the public properties throw exceptions). If I say that interoperability for this particular method is not needed (at least until the owners of this library can revise to make their objects serializable), is it possible for me to use WCF to return this object such that it can at least be consumed by a .NET client? How do I go about doing that? Update: I am adding pseudo code below... // My code, I have control [DataContract] public class MyObject { private TheirObject theirObject; [DataMember] public int SomeNumber { get { return theirObject.SomeNumber; } // public property exposed private set { } } } // Their code, I have no control public class TheirObject { private TheirOtherObject theirOtherObject; public int SomeNumber { get { return theirOtherObject.SomeOtherProperty; } set { // ... } } } I've tried adding DataMember to my instance of their object, making it public, using a DataContractSurrogate, and even manually streaming the object. In all cases, I get some error that eventually leads back to their object not being explicitly serializable.

    Read the article

  • IIS publish of WCF service -- fails with no error message

    - by tavistmorph
    I havea WCF service which I publish from Visual Studio 2008 to an IIS 6. According to the output window of VS, the publish succeeded, no error messages or warnings. When I look at IIS, the virtual directory was created, but there is no .svc listed in the directory. The directory just has my web.config and a bin. Any attempts to call my WCF service fail cause they don't exist. How can I see an error message of what's going wrong? By trial-and-error, I discovered changing my app.config before publishing will make the service show up. Namely my app.config file has these lines: <binding ...> <security mode="Transport"> <transport clientCreditionalType="None"/> </security> </binding> If I switch "Transport" to "None", then my service shows up on IIS. But I do have a certificate installed on IIS on the server, and as far as I can tell, everything is configured correctly on the server. There is no error message in the event log. How can I get a find more error messages about why the service is failing to show up?

    Read the article

  • Windows service (hosting WCF service) stops immediately on start up

    - by Thr33Dii
    My Question: I cannot navigate to the base address once the service is installed because the service won't remain running (stops immediately). Is there anything I need to do on the server or my machine to make the baseAddress valid? Background: I'm trying to learn how to use WCF services hosted in Windows Services. I have read several tutorials on how to accomplish this and it seems very straight forward. I've looked at this MSDN article and built it step-by-step. I can install the service on my machine and on a server, but when I start the service, it stops immediately. I then found this tutorial, which is essentially the same thing, but it contains some clients that consume the WCF service. I downloaded the source code, compiled, installed, but when I started the service, it stopped immediately. Searching SO, I found a possible solution that said to define the baseAddress when instantiating the ServiceHost, but that didnt help either. My serviceHost is defined as: serviceHost = new ServiceHost( typeof( CalculatorService ), new Uri( "http://localhost:8000/ServiceModelSamples/service" ) ); My service name, base address, and endpoint: <service name="Microsoft.ServiceModel.Samples.CalculatorService" behaviorConfiguration="CalculatorServiceBehavior"> <host> <baseAddresses> <add baseAddress="http://localhost:8000/ServiceModelSamples/service"/> </baseAddresses> </host> <endpoint address="" binding="wsHttpBinding" contract="Microsoft.ServiceModel.Samples.ICalculator"/> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> I've verified the namespaces are identical. It's just getting frustrating that the tutorials seem to assume that the Windows service will start as long as all the stated steps are followed. I'm missing something and it's probably right in front of me. Please help!

    Read the article

  • Add custom param to odata url

    - by Toad
    I want to add some authentication to my odata service. The authorization token i want to include in the url as param so that the url can be used in excel How would one be able to receive and parse any addition param supplied in the url before the odata service does it's thing? (i'm using entitie framework and wcf dataservices)

    Read the article

  • Accessing Identity.AuthenticationType

    - by Tewr
    While implementing a custom authentication type in a wcf service, I'm trying to read the property IIdentity.AuthenticationType using the call Thread.CurrentPrincipal.Identity.AuthenticationType. Unless the account running the service is local administrator, UnauthorizedAccessException is thrown when accessing this property, much like described in this support thread. I can however reset the Thread.CurrentPrincipalobject without hassle, thus altering the Authentication Type - But read it, I cannot. Is running as an administrator the only way here or is there some trick to let the user running the service "just" access this property?

    Read the article

  • Get metadata out of a webHttpBinding endpoint

    - by decyclone
    Hi, With a reference to my previous question, I would like to know how would I extract information of a WCF service from a client application to know what methods/types are exposed if the service exposes only one endpoint that uses webHttpBinding? Just to summarize, in my previous question, I came to know that an endpoint using webHttpBinding does not get exposed in the generated WSDL because it would be a JSON endpoint and is just not compatible.

    Read the article

  • SQL SERVER – Solution – User Not Able to See Any User Created Object in Tables – Security and Permissions Issue

    - by pinaldave
    There is an old quote “A Picture is Worth a Thousand Words”. I believe this quote immensely. Quite often I get phone calls that something is not working if I can help. My reaction is in most of the cases, I need to know more, send me exact error or a screenshot. Until and unless I see the error or reproduce the scenario myself I prefer not to comment. Yesterday I got a similar phone call from an old friend, where he was not sure what is going on. Here is what he said. “When I try to connect to SQL Server, it lets me connect just fine as well let me open and explore the database. I noticed that I do not see any user created instances but when my colleague attempts to connect to the server, he is able to explore the database as well see all the user created tables and other objects. Can you help me fix it? “ My immediate reaction was he was facing security and permission issue. However, to make the same recommendation I suggested that he send me a screenshot of his own SSMS and his friend’s SSMS. After carefully looking at both the screenshots, I was very confident about the issue and we were able to resolve the issue. Let us reproduce the same scenario and many there is some learning for us. Issue: User not able to see user created objects First let us see the image of my friend’s SSMS screen. (Recreated on my machine) Now let us see my friend’s colleague SSMS screen. (Recreated on my machine) You can see that my friend could not see the user tables but his colleague was able to do the same for sure. Now I believed it was a permissions issue. Further to this I asked him to send me another image where I can see the various permissions of the user in the database. My friends screen My friends colleagues screen This indeed proved that my friend did not have access to the AdventureWorks database and because of the same he was not able to access the database. He did have public access which means he will have similar rights as guest access. However, their SQL Server had followed my earlier advise on having limited access for guest access, which means he was not able to see any user created objects. My next question was to validate what kind of access my friend’s colleague had. He replied that the colleague is the admin of the server. I suggested that if my friend was suppose to have admin access to the database, he should request of having admin access to his colleague. My friend promptly asked for the same to his colleague and on following screen he added him as an admin. You can do the same using following T-SQL script as well. USE [AdventureWorks2012] GO ALTER ROLE [db_owner] ADD MEMBER [testguest] GO Once my friend was admin he was able to access all the user objects just like he was expecting. Please note, this complete exercise was done on a development server. One should not play around with security on live or production server. Security is such an issue, which should be left with only senior administrator of the server. Reference: Pinal Dave (http://blog.SQLAuthority.com) Filed under: PostADay, SQL, SQL Authority, SQL Query, SQL Security, SQL Server, SQL Tips and Tricks, T SQL, Technology

    Read the article

  • Spring Security 3 - j_spring_security_check is not found

    - by newbie
    I use Spring Security with Spring Framework 3 and when I tyr to login from homepage I get following error: 2010-04-26 12:16:39,525 [tomcat-http--2] WARN org.springframework.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/AppName/app/j_spring_security_check] in DispatcherServlet with name 'Spring MVC Dispatcher Servlet' Spring Security is initialized as loggings tell and there are no errors. So what could be reason for this error? I have understood that j_spring_security_check is default url for Spring Security login chekeing servlet.

    Read the article

  • Spring Security - Interactive login attempt was unsuccessful

    - by Taylor L
    I've been trying to track down why Spring Security isn't creating the SPRING_SECURITY_REMEMBER_ME_COOKIE so I turned on logging for org.springframework.security.web.authentication.rememberme. At first glance, the logs make it seem like the login is failing but the login is actually successful in the sense that if I navigate to a page that requires authentication I am not redirected back to the login page. However, the logs appear to be saying the login credentials are invalid. Any ideas as to what is going on? Mar 16, 2010 10:05:56 AM org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices onLoginSuccess FINE: Creating new persistent login for user [email protected] Mar 16, 2010 10:10:07 AM org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices loginFail FINE: Interactive login attempt was unsuccessful. Mar 16, 2010 10:10:07 AM org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices cancelCookie FINE: Cancelling cookie <http auto-config="false"> <intercept-url pattern="/css/**" filters="none" /> <intercept-url pattern="/img/**" filters="none" /> <intercept-url pattern="/js/**" filters="none" /> <intercept-url pattern="/app/admin/**" filters="none" /> <intercept-url pattern="/app/login/**" filters="none" /> <intercept-url pattern="/app/register/**" filters="none" /> <intercept-url pattern="/app/error/**" filters="none" /> <intercept-url pattern="/" filters="none" /> <intercept-url pattern="/**" access="ROLE_USER" /> <logout logout-success-url="/" /> <form-login login-page="/app/login" default-target-url="/" authentication-failure-url="/app/login?login_error=1" /> <session-management invalid-session-url="/app/login" /> <remember-me services-ref="rememberMeServices" key="myKey" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider user-service-ref="userDetailsService"> <password-encoder hash="sha-256" base64="true"> <salt-source user-property="username" /> </password-encoder> </authentication-provider> </authentication-manager> <beans:bean id="userDetailsService" class="com.my.service.auth.UserDetailsServiceImpl" /> <beans:bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices"> <beans:property name="userDetailsService" ref="userDetailsService" /> <beans:property name="tokenRepository" ref="persistentTokenRepository" /> <beans:property name="key" value="myKey" /> </beans:bean> <beans:bean id="persistentTokenRepository" class="com.my.service.auth.PersistentTokenRepositoryImpl" />

    Read the article

  • Inheritance security rules violated while overriding member - SecurityRuleSet.Level2

    - by Page Brooks
    I have a class that inherits from Exception. In .NET 4, I started receiving a runtime error: Inheritance security rules violated while overriding member: MyBusinessException.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'. Security accessibility of the overriding method must match the security accessibility of the method being overriden. I think the issue is caused by the fact that I am overriding GetObjectData. I know one answer for resolving the issue is to set the SecurityRuleSet: [assembly: SecurityRules(SecurityRuleSet.Level1)] This is not an acceptable answer, I'd like to know how to fix the issue without having to relax the default security rules in .NET 4.

    Read the article

  • How to get BinarySecurityToken into the wcf soap request

    - by Mr Bell
    I need to sign my soap request to a 3rd party. The provided an example what the call should look like. And I am trying, rather unsuccessfully to make this call with wcf. I need to make a wcf soap call where the header contains BinarySecurityToken, Signature, and SecurityTokenReference. Here is the example they sent me (with some of the values omitted) I have a certificate for signing, but I cant for the life of me figure out how to make this work <?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="SecurityToken-..omitted.." xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">..omitted..</wsse:BinarySecurityToken> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#Body"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>..omitted...</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> ..omitted.. </ds:SignatureValue> <ds:KeyInfo><wsse:SecurityTokenReference><wsse:Reference URI="#SecurityToken-..omitted.." ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></soapenv:Header><soapenv:Body wsu:Id="Body"><in0 xmlns="http://test.3rdParty.com">123</in0></soapenv:Body></soapenv:Envelope>

    Read the article

  • Ws-Security headers using Metro

    - by Bhushan
    I have a web service which implements WS-Security but does not define a policy in the WSDL. I am able to consume this web service successfully using Axis 2 as client. I am trying to consume the same web service using Metro 2 but the wsse:security headers are not going. It works only if the service defines the security policy which is not under my control. I tested this by creating a sample web service and unless I define the policy my metro client never sends the wsse:security headers. Is there anything I am missing using Metro?

    Read the article

  • WCF Service Authentication problem?

    - by Marcus
    I have an application which exposes lots of interfaces via net.tcp protocol, using both SecurityMode.Transport and SecurityMode.None (I really need support for both). My whole application is written in a DLL file. I have a form which consumes this DLL and now I made a Windows Service to consume this DLL. The problem is, when this windows service goes up, the insecure service throws this exception: Stream Security is required at http://www.w3.org/2005/08/addressing/anonymous, but no security context was negotiated. This is likely caused by the remote endpoint missing a StreamSecurityBindingElement from its binding. In the client side, nothing has changed. Is there any reason for this behaviour? The program is exactly the same. When I run the same test with the form app, it works... ps: I've already tried running the windows service as: SYSTEM, NETWORK SERVICE and my user account (which runs the form app) Thanks

    Read the article

  • help setting up wsHttpBinding WCF service on .net

    - by manu1001
    I'm trying to host a WCF service with wsHttpBinding. I created a certificate using makecert and put some lines in web.config. This is the error that I'm getting: System.ArgumentException: The certificate 'CN=WCfServer' must have a private key that is capable of key exchange. The process must have access rights for the private key. On googling up it seems to be some issue with access rights on the certificate file. I used cacls to give read permission to NETWORK SERVICE and also my username but it didn't change anything. I also went to security settings in the properties of the certificate file and gave full control to NETWORK SERVICE and my username. Again to no avail. Can you guide me as to what the problem is and what exactly I need to do? I'm really flaky with these certificate things. Here's my web.config: <system.serviceModel> <services> <service name="Abc.Service" behaviorConfiguration="Abc.ServiceBehavior"> <endpoint address="" binding="wsHttpBinding" bindingConfiguration="Abc.BindConfig" contract="Abc.IService"> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> </services> <behaviors> <serviceBehaviors> <behavior name="Abc.ServiceBehavior"> <serviceMetadata httpGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="false"/> <serviceCredentials> <clientCertificate> <authentication certificateValidationMode="PeerTrust"/> </clientCertificate> <serviceCertificate findValue="WCfServer" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" /> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <wsHttpBinding> <binding name="Abc.BindConfig"> <security mode="Message"> <message clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel>

    Read the article

  • Installing .NET 3.5 SP1 on server broke WCF

    - by Doron
    I installed .NET 3.5 SP1 on server which previously had .NET 3.0 SP2. Before install site was working perfectly. After install and subsequeny server restart, site displays but anything that makes use of the WCF service has stopped working. The exception log reports exceptions like the following when any calls are made to the client proxy: The communication object, System.ServiceModel.Channels.ServiceChannel, cannot be used for communication because it is in the Faulted state. The server's application event log gave the following errors after the install: Configuration section system.serviceModel.activation already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. Configuration section system.runtime.serialization already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. Configuration section system.serviceModel already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. which seems to be inline with the fact that anything WCF related has stopped working. I am not experienced in server configurations or WCF so looking for any assistance with this. Thanks!! From machine.config: <sectionGroup name="system.serviceModel" type="System.ServiceModel.Configuration.ServiceModelSectionGroup, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <section name="behaviors" type="System.ServiceModel.Configuration.BehaviorsSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="bindings" type="System.ServiceModel.Configuration.BindingsSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="client" type="System.ServiceModel.Configuration.ClientSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="comContracts" type="System.ServiceModel.Configuration.ComContractsSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="commonBehaviors" type="System.ServiceModel.Configuration.CommonBehaviorsSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowDefinition="MachineOnly" allowExeDefinition="MachineOnly"/> <section name="diagnostics" type="System.ServiceModel.Configuration.DiagnosticSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="extensions" type="System.ServiceModel.Configuration.ExtensionsSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="machineSettings" type="System.ServiceModel.Configuration.MachineSettingsSection, SMDiagnostics, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowDefinition="MachineOnly" allowExeDefinition="MachineOnly"/> <section name="serviceHostingEnvironment" type="System.ServiceModel.Configuration.ServiceHostingEnvironmentSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="services" type="System.ServiceModel.Configuration.ServicesSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> </sectionGroup> <sectionGroup name="system.serviceModel.activation" type="System.ServiceModel.Activation.Configuration.ServiceModelActivationSectionGroup, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <section name="diagnostics" type="System.ServiceModel.Activation.Configuration.DiagnosticSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="net.pipe" type="System.ServiceModel.Activation.Configuration.NetPipeSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="net.tcp" type="System.ServiceModel.Activation.Configuration.NetTcpSection, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> </sectionGroup> <sectionGroup name="system.runtime.serialization" type="System.Runtime.Serialization.Configuration.SerializationSectionGroup, System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <section name="dataContractSerializer" type="System.Runtime.Serialization.Configuration.DataContractSerializerSection, System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> </sectionGroup> from site's web.config <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> </sectionGroup> </sectionGroup> </sectionGroup> . . . <system.serviceModel> <bindings> <wsHttpBinding> <binding name="WSHttpBinding_IService" closeTimeout="00:03:00" openTimeout="00:03:00" receiveTimeout="00:10:00" sendTimeout="00:03:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="131072" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="Message"> <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /> <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="some address" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService" contract="some contact" name="WSHttpBinding_IService" /> </client> Pertinant Exception Section: Exception information: Exception type: TypeLoadException Exception message: Could not load type 'System.Web.UI.ScriptReferenceBase' from assembly 'System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.

    Read the article

  • Security error accessing Service outside of FlexBuilder

    - by MikeHoss
    I'm very new to Flex and I have what I think it a head-scratcher. I am building a little Flash app that will consume some web services over HTTP. When I am in Flexbuilder and run my app there, it works fine. When I goto to my FlexBuilder project on my OS and double-click on it, it works fine. When I zip up my bin-debug file, I get this error: Security error accessing url faultCode:Channel.Security.Error faultString: 'Security error accessing url' faultDetail:'Destination: DefaultHTTP' So I googled that and got information on about the crossdomain.xml file. Well, I can't put a crossdomain file in the service I am calling, but I can put one somewhere else. So I put the following lines in Flex app: Security.allowDomain("vx1391"); Security.loadPolicyFile("http://vx1391:8080/job/Remote%20FIT%20Runner/ws/trunk/flash-cross-domain.xml"); My cross-domain.xml file is wide-open: &lt;cross-domain-policy&gt; &lt;allow-access-from domain="*"/&gt; </cross-domain-policy> Which I know is bad in a prod enivironment, but right now I just need to get this working locally but outside of FlexBuilder. Anyone want to help out this Flex-noob?

    Read the article

  • JBOSS Security: web.xml vs. jboss-web.xml

    - by sixtyfootersdude
    What is the relation between web.xml and jboss-web.xml? Seems like: Jboss-web.xml specifies the security domain (which can be found in login-config.xml) web.xml specifies what the security level is I don't understand what happens when jboss-web.xml specifies a weak security domain. Ie: one that cannot do what web.xml specifies. What happens then?

    Read the article

  • spring security login pages?

    - by es11
    I have some confusion with how spring security works: In my application, I need to have a login page for users after which they are redirected back the page from where they came. I went through a few spring security tutorials and read some articles, and the examples work by securing a certain page on a site (managed by the <intercept url ..> tag). Then Spring security will generate a login page (or you can specify your own) in order to access the secured page. I am confused because I don't want to necessary secure a given page on my site: I want a login page for users to log into after which they have access to elevated features of the site (through spring security's authorization features). My question is: given what I described, what would be the strategy to create this login page which, after login, would grant the logged in user the appropriate authorities? The hack I thought of would be to create a simple JSP page who's only function is to redirect back to the previous page. Then I would use Spring Security to secure that JSP page. But it seems like there should be a better way of doing this... Thanks

    Read the article

  • Calling a .NET web service (WSE 3.0, WS-Security) from JAXWS-RI

    - by elduff
    I'm writing a JAXWS-RI client that must call a .NET Web Service that is using WS-Security. The service's WSDL does not contain any WS-Security info, but I have an example soap message from the service's authors and know that I must include wsse:Security headers, including X:509 tokens. I've been researching, and I've seen example of folks calling this type of web service from Axis and CXF (in conjunction with Rampart and/or WSS4J), but nothing about using plain JAXWS-RI itself. However, I'm (unfortunately) constrained to using JAXWS-RI by my gov't client. Does anyone have any examples/documentation of doing this from JAXWS-RI? I need to ultimately generate a SOAP header that looks something like the one below - this is a sample soap:header from a .NET client written by the service's authors. (Note: I've put the 'VALUE_HERE' string in places where I need to provide my own values) <soapenv:Envelope xmlns:iri="http://EOIR/IRIES" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401- wss-wssecurity-secext-1.0.xsd"> <xenc:EncryptedKey Id="VALUE_HERE"> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <wsse:SecurityTokenReference> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"> VALUE_HERE </wsse:KeyIdentifier> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue>VALUE_HERE</xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI="#EncDataId-8"/> </xenc:ReferenceList> </xenc:EncryptedKey> </wsse:Security>

    Read the article

  • Connecting to a WSE 3.0 Web Service From a WCF Client

    - by Dave
    I'm having difficulty connecting to a 3rd party WSE 3.0 web service from a WCF client. I have implemented the custom binding class as indicated in this KB article: http://msdn.microsoft.com/en-us/library/ms734745.aspx The problem seems to have to do with the security assertion used by the web service - UsernameOverTransport. When I attempt to call a method, I get the following exception: System.InvalidOperationException: The 'WseHttpBinding'.'[namespace]' binding for the 'MyWebServiceSoap'.'[namespace]' contract is configured with an authentication mode that requires transport level integrity and confidentiality. However the transport cannot provide integrity and confidentiality.. It is expecting a username, password, and CN number. In the example code supplied to us by the vendor, these credentials are bundled in a Microsoft.Web.Services3.Security.Tokens.UsernameToken. Here's the example supplied by the vendor: MyWebServiceWse proxy = new MyWebServiceWse(); UsernameToken token = new UsernameToken("Username", "password", PasswordOption.SendPlainText); token.Id = "<supplied CN Number>"; proxy.SetClientCredential(token); proxy.SetPolicy(new Policy(new UsernameOverTransportAssertion(), new RequireActionHeaderAssertion())); MyObject mo = proxy.MyMethod(); This works fine from a 2.0 app w/ WSE 3.0 installed. Here is a snippet of the code from my WCF client: EndpointAddress address = new EndpointAddress(new Uri("<web service uri here>")); WseHttpBinding binding = new WseHttpBinding(); // This is the custom binding I created per the MS KB article binding.SecurityAssertion = WseSecurityAssertion.UsernameOverTransport; binding.EstablishSecurityContext = false; // Not sure about the value of either of these next two binding.RequireDerivedKeys = true; binding.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt; MembershipServiceSoapClient proxy = new MembershipServiceSoapClient(binding, address); // This is where I believe the problem lies – I can’t seem to properly setup the security credentials the web service is expecting proxy.ClientCredentials.UserName.UserName = "username"; proxy.ClientCredentials.UserName.Password = "pwd"; // How do I supply the CN number? MyObject mo = proxy.MyMethod(); // this throws the exception I've scoured the web looking for an answer to this question. Some sources get me close (like the MS KB article), but I can't seem to get over the hump. Can someone help me out?

    Read the article

  • How to configure Spring Security PasswordComparisonAuthenticator

    - by denlab
    I can bind to an embedded ldap server on my local machine with the following bean: <b:bean id="secondLdapProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"> <b:constructor-arg> <b:bean class="org.springframework.security.ldap.authentication.BindAuthenticator"> <b:constructor-arg ref="contextSource" /> <b:property name="userSearch"> <b:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> <b:constructor-arg index="0" value="ou=people"/> <b:constructor-arg index="1" value="(uid={0})"/> <b:constructor-arg index="2" ref="contextSource" /> </b:bean> </b:property> </b:bean> </b:constructor-arg> <b:constructor-arg> <b:bean class="com.company.security.ldap.BookinLdapAuthoritiesPopulator"> </b:bean> </b:constructor-arg> </b:bean> however, when I try to authenticate with a PasswordComparisonAuthenticator it repeatedly fails on a bad credentials event: <b:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"> <b:constructor-arg> <b:bean class="org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator"> <b:constructor-arg ref="contextSource" /> <b:property name="userDnPatterns"> <b:list> <b:value>uid={0},ou=people</b:value> </b:list> </b:property> </b:bean> </b:constructor-arg> <b:constructor-arg> <b:bean class="com.company.security.ldap.BookinLdapAuthoritiesPopulator"> </b:bean> </b:constructor-arg> </b:bean> Through debugging, I can see that the authenticate method picks up the DN from the ldif file, but then tries to compare the passwords, however, it's using the LdapShaPasswordEncoder (the default one) where the password is stored in plaintext in the file, and this is where the authentication fails. Here's the authentication manager bean referencing the preferred authentication bean: <authentication-manager> <authentication-provider ref="ldapAuthProvider"/> <authentication-provider user-service-ref="userDetailsService"> <password-encoder hash="md5" base64="true"> <salt-source system-wide="secret"/> </password-encoder> </authentication-provider> </authentication-manager> On a side note, whether I set the password-encoder on ldapAuthProvider to plaintext or just leave it blank, doesn't seem to make a difference. Any help would be greatly appreciated. Thanks

    Read the article

  • WCF digest Authentication

    - by dudia
    What should be specified on the client side? Is this enough: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest; ... cf.Credentials.HttpDigest.ClientCredential = new NetworkCredential("myuser", "mypass", "mydomain"); cf.Credentials.HttpDigest.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation; What should be specified on the server side? obviously one needs: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest; but where do one specify in the server the digest username\password to validate the client against? In addition when Micosoft says that Digest Authentication uses the Domain Controller, what does it mean? Does it validate username\password against it?

    Read the article

< Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >