by Sandor Drieënhuizen
on Stack Overflow
See other posts from Stack Overflow
or by Sandor Drieënhuizen
Published on 2010-04-23T19:41:02Z Indexed on 2010/04/24 8:13 UTC
Read the original article Hit count: 897
I have a set of IIS7-hosted net.tcp WCF services that serve my ASP.NET MVC web application. The web application is accessed over the internet.
WCF Services (IIS7) <--> ASP.NET MVC Application <--> Client Browser
The services are username authenticated, the account that a client (of my web application) uses to logon ends up as the current principal on the host.
I want one of the services to be authenticated differently, because it serves the view model for my logon view. When it's called, the client is obviously not logged on yet. I figure Windows authentication serves best or perhaps just certificate based security (which in fact I should use for the authenticated services as well) if the services are hosted on a machine that is not in the same domain as the web application.
That's not the point here though. Using multiple TCP bindings is what's giving me trouble. I tried setting it up like this:
<bindings> <netTcpBinding> <binding> <security mode="TransportWithMessageCredential"> <message clientCredentialType="UserName"/> </security> </binding> <binding name="public"> <security mode="Transport"> <message clientCredentialType="Windows"/> </security> </binding> </netTcpBinding> </bindings>
The thing is that both bindings don't seem to want live together in my host. When I remove either of them, all's fine but together they produce the following exception on the client:
The requested upgrade is not supported by 'net.tcp://localhost:8081/Service2.svc'. This could be due to mismatched bindings (for example security enabled on the client and not on the server).
In the server trace log, I find the following exception:
Protocol Type application/negotiate was sent to a service that does not support that type of upgrade.
Am I looking into the right direction or is there a better way to solve this?
© Stack Overflow or respective owner