The caller was not authenticated by the service

Sorry for the repost but Im struggling to apply what I've read in the other posts to my problem.

I have a self hosted WCF service that runs fine when hosted on my machine and the client is on my machine.

I've tried to move the client to another machine and am now getting the "The caller was not authenticated by the service" error.

Please could someone advise on where the problem is occuring.

If you need anymore information please let me know.

Kind Regards

Ash

Here is the client config on my machine that works

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <wsDualHttpBinding>
        <binding name="WSDualHttpBinding_IDataCollector" closeTimeout="00:01:00"
          openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
          bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
          maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
          messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
            maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00" />
          <security mode="Message">
            <message clientCredentialType="Windows" negotiateServiceCredential="true"
              algorithmSuite="Default" />
          </security>
        </binding>
      </wsDualHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://192.168.1.74:8080/" binding="wsDualHttpBinding"
        bindingConfiguration="WSDualHttpBinding_IDataCollector" contract="AshService.IDataCollector"
        name="WSDualHttpBinding_IDataCollector">
        <identity>
          <userPrincipalName value="Ash-PC\Ash" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>
</configuration>

Heres the server config

    <?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <bindings>
      <wsDualHttpBinding>
        <binding name="WSDualHttpBinding_IDataCollector" closeTimeout="00:01:00"
            openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
            bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
            maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
            messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00" />
          <security mode="Message">
            <message clientCredentialType="Windows" negotiateServiceCredential="true"
                algorithmSuite="Default" />
          </security>
        </binding>
      </wsDualHttpBinding>
    </bindings>
    <services>
      <service name="DataCollector">
        <endpoint address="http://192.168.1.74:8080" binding="wsDualHttpBinding"
          bindingConfiguration="WSDualHttpBinding_IDataCollector" contract="IDataCollector" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="True"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>

Answers


You are correct that your issues are due to Windows Authentication. As Rest Wing has described if you want to use AD credentials that the service has access to you will have to provide those credentials in order for the service to authenticate the client.

If you cannot use Windows authentication and you must authenticate the client you will need to look at other authentication techniques. One method is User Name/Password, but you will need to establish your own authentication algorithms. Another is certificates; the server and the client must have certificates installed (X509 certs work) to identify each other. There are other methods as well, but if I remember correctly only the above two will work with machines that are not in the same domain.

If you do not need to authenticate the client, set your security mode to "None". This would be a technique for publicly exposed services available over the internet.


You have differently configured bindings on client and service side. Try using same binding configuration on both sides and see whether the exception is gone.

EDIT: Credentials to be used for client authentication at service side must be provided as well.

// Provide client credentials
NetworkCredential credentials = new NetworkCredential( "UserName", "RealPasswordHere", "DomainOrMachineName" );

// Create factory that will be used to create proxy to the service
// Pass the client credentials into the factory
var factory = new ChannelFactory<AshService.IDataCollector>( "WSDualHttpBinding_IDataCollector" );
factory.Credentials.Windows.ClientCredential = credentials;

// Create and open proxy to the service
AshService.IDataCollector proxy = factory.CreateChannel();
( proxy as IChannel ).Open();

// Invoke an operation from the service

try this

svc.ClientCredentials.Windows.ClientCredential.UserName = "username";
svc.ClientCredentials.Windows.ClientCredential.Password = "password";

Need Your Help

How to securely pass credit card information between pages in PHP

php security e-commerce credit-card

How do you securely pass credit card information between pages in PHP? I am building an ecommerce application and I would like to have the users to go through the checkout like this:

Javascript not loading -rails - spree commerce

javascript jquery ruby-on-rails flexslider spree

I'm messing around with Spree commerce trying to learn it. I downloaded an HTML theme ( http://themeforest.net/item/convertible-responsive-html5-template/full_screen_preview/6289591) and I'm just t...