I am trying to switch the default WCF service ( Service1) with the endpoints GetData(int) & GetDataUsingDataContract(compositeType) from operating anonymously to accepting basic authentication, cong from SOAPUI
The SOAPUI request looks like
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1234D5C071B185E32DA799996999339999">
<wsse:Username>TestID</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">TestPass</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">aa9GNM4983dxaPGU90i+SA==</wsse:Nonce>
<wsu:Created>2017-07-10T15:18:53.202Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<tem:GetData>
<tem:value>3</tem:value>
</tem:GetData>
</soapenv:Body>
</soapenv:Envelope>
I have tweaked the web config to look like this, as this is what I believed was required for Basic Auth
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2"/>
</system.web>
<system.serviceModel>
<diagnostics>
<endToEndTracing activityTracing="true" />
</diagnostics>
<bindings>
<wsHttpBinding>
<binding name="UsernameWithTransport">
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<services>
<service name="BasicAuthentication.Service1">
<endpoint address="http://localhost:1234/Service1.svc"
binding="wsHttpBinding"
bindingConfiguration="UsernameWithTransport"
name="BasicEndpoint"
contract="BasicAuthentication.IService1" />
</service>
</services>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
To provide addtional information in the debugger, I have added the code
var Appcontext= OperationContext.Current;
to retrieve all the information about how visual studio thinks the app is being run. Numerous objects inside Appconect show that it is being run anonymously (IsAuthenticated is false , Principal Name is empty etc.)
The app goes on to return the value "You entered 3", back to SOAPUI
I can confirm that when I start this in IIS Manager local, the Website Authentication settings have Anonymous Authentication DISABLED and Forms Authentication ENABLED
How do I make my WCF Service accept the values in the header for Username & password should be treated as an attempt to login?