Infopath + WCF Secure Binding

[Darlan Jr.]

Hello,

I´m working on a Infopath Form which consumes an WCF Service. And I´ve
already configured a BasicHttpBinding on my WCF Service.

And until here, it works great!

The deal starts when I add the security configuration in the
BasicHttpBinding. After that, every time I try to create a Infopath Data
Connection to the WCF Service it shows me a Credential Prompt that always
comes back, no matter if I used the Domain Admin Credential.

In a few words, I can´t create a Infopath Data Connection to a WCF Service
which requires user authentication.

And there is another issue annoying me: If I create a basic Windows Forms
Application which consumes the same WCF Service through the same
BasicHttpBinding, it works fine.

If you wanna know, my WCF Service is hosted in IIS and here follows the
Web.config file:


<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IContent">
<security mode="TransportCredentialOnly" >
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
<binding name="BasicHttpBinding_IContentMT">
<security mode="TransportCredentialOnly" >
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
</basicHttpBinding>
<wsHttpBinding>
<binding name="WSHttpBinding_IContent">
<security mode="Transport">
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
<binding name="WSHttpBinding_IContentMT">
<security mode="Transport">
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service
behaviorConfiguration="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.ContentBehavior"
name="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.ContentAbstractor">
<endpoint address="" binding="wsHttpBinding"
contract="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.IContent">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="asmx" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IContent"
name="BasicHttpBinding_IContent"
contract="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.IContent" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8080/IContent/" />
</baseAddresses>
</host>
</service>
<service
behaviorConfiguration="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.ContentMTBehavior"
name="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.MultiTenantAbstractor">
<clear />
<endpoint address="" binding="wsHttpBinding"
contract="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.IContentMT">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="asmx" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IContentMT"
name="BasicHttpBinding_IContentMT"
contract="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.IContentMT"
/>
<host>
<baseAddresses>
<add baseAddress="http://localhost:8080/IContentMT/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior
name="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.ContentBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior
name="PlatTec.Compl.Portal.ContentServices.ContentAbstractor.ContentMTBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

 

[Gavin McKay]

Hello,

Ugh - I love WCF, but resolving issues like this is soooo painful...
IMHO configuring security for WCF is the most complex part of the whole
process! Anyway, on to your problem...

I've had similar issues like this before, and my gut feeling is that it is
something to do with the version of Xml web services that InfoPath uses to
communicate with web services. It seems to be great for the "simple" stuff,
but as you found out when you add authentication in it just doesn't seem to
play nicely. I don't really have any solution to offer I'm afraid, but some
of the following might help:

- InfoPath 2007 uses Microsoft XML Core Services v5 - the latest version if
v6. There is no way to upgrade AFAIK, but this may be causing an issue
somewhere
- Check the article on InfoPath web services support
(http://msdn2.microsoft.com/en-us/li...eSupport_WebServiceRequirementsandLimitations)
to make sure your web service is OK with InfoPath. There may be an issue
with the authentication requirements, but looking through the article I can't
see anything that might be the cause, especially seeing as it works in your
test application. I may have missed something though
- basicHttpBinding (http://msdn2.microsoft.com/en-us/library/ms731361.aspx)
is usually used with "older" style web services (like .asmx web services).
wsHttpBinding might help out here
(http://msdn2.microsoft.com/en-us/library/ms731299.aspx) or perhaps even
webHttpBinding (http://msdn2.microsoft.com/en-us/library/bb412176.aspx).
wsHttpBinding in particular offers more security-related information with
InfoPath might be happier to consume.

The only InfoPath -> WCF integration I've done used very basic read-only
web services that were secured via a digital cert and IP address
restrictions. They were just dynamic look-up data with no real security
requirements hence very very simple. The config I used was basicHttpBinding.

HTH

Gavin.

 

[Darlan Jr.]

Thanks a lot, Gavin. Your post put me in the right direction to solve my
problem.

The solution, for this specific issue, is just set the security binding
configuration as the following code:

<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IContent">
<security mode="TransportCredentialOnly" >
<transport clientCredentialType="Windows"/>
</security>
</binding>
<binding name="BasicHttpBinding_IContentMT">
<security mode="TransportCredentialOnly" >
<transport clientCredentialType="Windows"/>
</security>
</binding>
</basicHttpBinding>
<wsHttpBinding>
<binding name="WSHttpBinding_IContent">
<security mode="Transport">
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
<binding name="WSHttpBinding_IContentMT">
<security mode="Transport">
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
</wsHttpBinding>
</bindings>

 

[Gavin McKay]

Good to have a result! InfoPath + WCF information is very rare
unfortunately...

So from your config you have changed the clientCredentialType to "Windows"
instead of "Ntlm" and that solved the problem? Nice!

Gavin.

 

[michael.hncck]

I am experiencing the exact same problem, but your fix didn't work for
me! Are you running your WCF services on the same server as Forms
Services?