WCF and ASP.Net membership authentication error

Discussion in 'General troubleshooting' started by stevharr, Apr 7, 2010.

  1. Trying to get ASP.Net membership authentication working for my WCF service has been kicking the crap out of me..

    This is where I am at. I am able to deploy an ASP.Net web application that uses and enforces ASP.Net membership authentication correctly against our Winhost DB. Now what I want to do is expose a WCF service that authenticates against the same membership provider. I am to the point where I can get the service to work as long as I don't enable membership authentication. I.e. if I use the following binding in my web.config file the client can successfully call routines on my WCF service.

    Code:
          <wsHttpBinding>
            <binding name="MembershipBinding">
              <security mode ="Transport">
                <transport clientCredentialType="None"/>
              </security>
            </binding>
          </wsHttpBinding>

    But when I enable membership authentication by using the following binding I get an error when the client tries to call the service.

    Code:
          <wsHttpBinding>
            <binding name="MembershipBinding">
              <security mode ="TransportWithMessageCredential">
                <transport clientCredentialType="None"/>
                <message clientCredentialType="UserName"/>
              </security>
            </binding>
          </wsHttpBinding>

    The error I get is: 'An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.' And here is the stack trace:

    Code:
    Server stack trace: 
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.GetTokenCore(TimeSpan timeout)
       at System.IdentityModel.Selectors.SecurityTokenProvider.GetToken(TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
       at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at ThinkDeviceLink.ThinkService.IThinkService.ReceiveXML()
       at ThinkDeviceLink.ThinkService.ThinkServiceClient.ReceiveXML() in C:\ThinkAutomatic\Software\ThinkDeviceLink\ThinkDeviceLink\Service References\ThinkService\Reference.cs:line 57
       at ThinkDeviceLink.MainWindow.TestButton_Click(Object sender, RoutedEventArgs e) in C:\ThinkAutomatic\Software\ThinkDeviceLink\ThinkDeviceLink\MainWindow.xaml.cs:line 90
       at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
       at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
       at System.Windows.Controls.Button.OnClick()
       at System.Windows.Controls.Primitives.ButtonBase.OnMouseLeftButtonUp(MouseButtonEventArgs e)
       at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
       at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
       at System.Windows.UIElement.ReRaiseEventAs(DependencyObject sender, RoutedEventArgs args, RoutedEvent newEvent)
       at System.Windows.UIElement.OnMouseUpThunk(Object sender, MouseButtonEventArgs e)
       at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
       at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
       at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
       at System.Windows.UIElement.RaiseEvent(RoutedEventArgs args, Boolean trusted)
       at System.Windows.Input.InputManager.ProcessStagingArea()
       at System.Windows.Input.InputManager.ProcessInput(InputEventArgs input)
       at System.Windows.Input.InputProviderSite.ReportInput(InputReport inputReport)
       at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr hwnd, InputMode mode, Int32 timestamp, RawMouseActions actions, Int32 x, Int32 y, Int32 wheel)
       at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
       at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
       at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
       at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
       at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter)
       at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
       at System.Windows.Threading.Dispatcher.InvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Boolean isSingleParameter)
       at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
       at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg)
       at System.Windows.Threading.Dispatcher.TranslateAndDispatchMessage(MSG& msg)
       at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
       at System.Windows.Application.RunInternal(Window window)
       at ThinkDeviceLink.App.Main() in C:\ThinkAutomatic\Software\ThinkDeviceLink\ThinkDeviceLink\obj\Debug\App.g.cs:line 0
       at System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args)
       at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Threading.ThreadHelper.ThreadStart()
    I have read that this error can occur when the client and server's clocks are out of sync, but I don't think that is the case. As best I can tell the clocks are at most a minute and a half apart and both in the Pacific time zone. I have also read that it can have to do with ASP trying to connect to the database using a special ASP account rather than the web.config specified connection string. I am skeptical of that but perhaps someone at Winhost could check the right log to see if that has been happening? Just for completeness here is my connection string definition (password blocked out). Any help would be greatly appreciated! Thanks.

    Code:
      <connectionStrings>
        <clear/>
        <remove name="LocalSqlServer"/>
        <add name="LocalSqlServer" connectionString="Data Source=s01.Winhost.com;Initial Catalog=DB_5977_thinkauto;User ID=DB_5977_thinkauto_user;Password=*********" providerName="System.Data.SqlClient"/>
      </connectionStrings>
    
     
    Last edited by a moderator: Oct 14, 2015
  2. Ray

    Ray

    You have a URL were we can see this errror message for ourselves?
     
  3. Here is the wsdl:

    https://www.attentivehomes.com/ThinkWcfService/ThinkService.svc?wsdl

    And here is how I'm calling it in my application:

    Code:
    ThinkServiceClient tsClient = new ThinkServiceClient("WSHttpBinding_IThinkService");
    tsClient.ClientCredentials.UserName.UserName = "steve3";
    tsClient.ClientCredentials.UserName.Password = "password!";
    tsClient.ReceiveXML();
    
     
  4. Ray, would it be possible for you to send me the SQL logs so I can see if this has something to do with the database access?
     
  5. Ray

    Ray

    No, I'm afraid not.
     
  6. I'm pretty sure I've narrowed it down to a database access issue. According to step 2 of this msdn article certain permissions need to be granted on the database in order for the WCF service process to be able to access it.

    http://msdn.microsoft.com/en-us/library/cc949010.aspx#Step2

    I don't have the permissions to grant the necessary database permissions. Is that something you can do for me or does the nature of how Winhost is setup not allow for it?

    Thanks.
     
  7. I figured out a workaround using a custom validator that accesses the database using the existing DB account. So don't sweat this.

    Thanks,
    Steve
     

Share This Page