WCF: Transport Layer Security – with client certificates

WCF-Transport Layer Security –  with client certificates   Requiremnt: HTTPS/SSL Channel Authentication mode Certificate Windows / NTLM   WCF HOST: IIS   Certificates Authentication on Transport Layer – IIS   Requirement: SSL  Channel (using Server/SSL certificate) Adding a Https binding on IIS and assigning the required SSL certificate. Client to have private key of client…


WCF: Handling multiple IIS bindings

WCF: Handling multiple IIS bindings – This collection already contains an address with scheme http   Environment: IIS configured for multiple bindings with different host headers.   WCF Reporting Error: This collection already contains an address with scheme http.   IIS supports specifying multiple IIS bindings per site, which results in multiple base addresses per…


WCF: Transport Security with User Name + Client Certificate

WCF: Transport Security with User Name + Client Certificate   Vast world of WCF provides endless possibilities to handle the security. This is one interesting scenario, where service needs to get dual layer of credentials. Along with the valid user name and password, it also expects the client application to send a valid client certificate….


WCF: Learning Impersonation and Delegation

      Configure DC: Please follow link to configure your domain controller. http://techsthing.com/2012/how-to-create-a-domain-controller-using-the-dcpromo-command/     Add all three boxes (A, B, C) to your new DC. First Box/Domain Controller/Client box: DCSAURABH Second Box: DCSAURABH1 Third Box: DCSAURABH2     Architecture: User on Box A (DCSAURABH) using IE to browse the web app running on BOX B…


WCF: Troubleshooting Socket Abort Errors

  WCF: Troubleshooting Socket Abort Error ============================================================================================================================================================ Scenario 1: Client: Console application Server: WCF service Same machine: Yes    Step 1: Search for “Exception” keyword, start from bottom   System.Net.Sockets Verbose: 0 : [6488] Socket#37659220::Receive() System.Net.Sockets Error: 0 : [6488] Exception in the Socket#37659220::Receive – An existing connection was forcibly closed by the remote host…


WCF: Create client proxy – For WCF service running on SSL – with client certificate

WCF: Create client proxy – For WFC service Running On SSL – With Client Certificate   Problem: We can’t use the default svcutil.exe to pass the client certificates.   Resolution: So we have two work around. 1) Use the modified svcutil.config file and add the required client certificate in same. http://msdn.microsoft.com/en-us/library/aa395212.aspx   2) We can…


WCF: Learning Impersonation

Learning Impersonation in WCF services   What is Impersonation ? Ability of a thread to execute in a security context that is different from the context of the process that owns the thread When running in a client’s security context, a service “is” the client, to some degree.   Why we need it ? We…


IIS: Handling WCF Client Certificate

WCF – TRANSPORT SECURITY – IIS –  HANDLING CLIENT CERTIFICATES   1:1 Mapping -2003 Performs the client certificate authentication and maps it to windows account. Once the client certificate is mapped, it is authorized based on the windows account / identity associated with it.   Requirement:        Client certificate with Public key – so that…


WCF – Interop – Understanding Protection Level

WCF: Interop – Understanding  Protection level   Protection level is a very important parameter to consider while working on WCF Introp scenarios. Can be defined on (only via code)    Service contract level    Operation contract level   [OperationContract(ProtectionLevel = ProtectionLevel.Sign)] string GetData(int value);     It controls how the incoming soap envelope is protected….


IIS: Configure local certificate authority on IIS 6 – Server 2003

Configuring the Local Certificate Authority on Server 2003 1)      Install the local CertificateAuthority. Go to control panel- > Add Windows component                 2)      Once this is done, run the certificate authority from the Administrative tool.   3)      We will target to create a client certificate getting listed as below.    4)      Once local certificate…