All geek questions in one place

Failed to connect to WCF Client / Server tcp.net "Streaming Security Required"

I am trying to test a simple WCF tcp.net client / server application. WCF is hosted on Windows 7 IIS. I have included TCP.net in IIS. I granted liberal security privileges to serve the application by setting up the application pool with administrator privileges and installing the IIS application to run in context.

I turned on tracing in the service application for troubleshooting. Whenever I start a simple method call against a service from a WCF client application, I get the following exception:

"Stream Security is required at http://www.w3.org/2005/08/addressing/anonymous , but the security context has not been negotiated. This is probably because the remote endpoint is missing a StreamSecurityBindingElement from the binding."

Here is my client configuration:

<bindings> <netTcpBinding> <binding name="InsecureTcp"> <security mode="None" /> </binding> </netTcpBinding> </bindings>

Here is my service configuration:

 <bindings> <netTcpBinding> <binding name="InsecureTcp" > <security mode="None" /> </binding> </netTcpBinding> </bindings> <services> <service name="OrderService" behaviorConfiguration="debugServiceBehavior"> <endpoint address="" binding="netTcpBinding" bindingConfiguration="InsecureTcp" contract="ProtoBufWcfService.IOrder" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="debugServiceBehavior"> <serviceDebug includeExceptionDetailInFaults="true" /> </behavior> </serviceBehaviors> </behaviors>

+2
source share
2 answers

WCF does not like insecure messages - it wants to use secure and secure communication channels by default. The default security mode for netTcpBinding is transport-level security with Windows credentials. Can you use this default instead of disabling everything?

If your server and all the clients calling it are in the same local network of the company, behind the firewall, there is no sense not to use Windows credentials. To do this, use this binding configuration:

 <bindings> <netTcpBinding> <binding name="InsecureTcp"> <security mode="Transport"> <transport clientCredentialType="Windows" /> </security> </binding> </netTcpBinding> </bindings>

This security feature is very fast, often implemented in hardware on your network card, and using Windows credentials internally is usually the best way.

So why did you disable all security on netTcpBinding and get into this problem?

+2
source

Answer Macr_s works for Windows 2008.

Remember, when you try to do the above in local / Windows 7 development, everything will work without protection.

Please do not change your application pool, leave the default application pool, it works

0
source

Source: https://habr.com/ru/post/1401348/

More articles:


All Articles