I developed a wcf service. Since it will also be called by non-.net clients, I used basichttpbinding. Some of the methods need Impersonation. This is forced by decorating the webmethods with:
[OperationBehavior(Impersonation = ImpersonationOption.Required)]
After I deployed the service on our test server, I get a strange error when I call the service:
Could not load file or assembly 'log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821' or one of its dependencies. Either a required impersonation level was not provided, or the provided impersonation level is invalid. (Exception from HRESULT: 0x80070542)
I get this error independently of the way I call the service. I get it when I call it via wcfTestClient and I get it when I call it via a console application that I wrote. (I added the webservice as web reference to this application to simulate the behaviour of a non .net client.)
Any ideas?
PS: Here is the web.config of my webservice:
<system.web>
<compilation targetFramework="4.0" />
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding closeTimeout="00:15:00" openTimeout="00:15:00" sendTimeout="00:15:00" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="">
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<defaultDocument>
<files>
<add value="CrmConnectorDiamondData.svc" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
Well in WCF client must allow impersonation explicitly. In WCF client it is done by adding behavior to client proxy either through configuration:
<behaviors>
<endpointBehaviors>
<behavior name="myBehavior">
<clientCredentials>
<windows allowedImpersonationLevel="Impersonation" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
Or in the code:
proxy.ClientCredentials.Windows.AllowImpersonationLevel = TokenImpersonationLevel.Impersonation;
I expect that this have to be configured for WcfTestClient because default impersonation level allows only idnetification.
In case of ASMX proxy make sure that you are passing your credentials.
My opinion is that windows authentication is not a good choice for services used by non-.NET clients (especially if you also mean non-Windows).
Looks like the log4net library is incompatable with that impersonation level. If you remove the reference it will work.
User contributions licensed under CC BY-SA 3.0