Credential Error while consuming the WCF Service hosted in Azure App Service
I have created a WCF Service using "Cloud Service >> WCF Web Role" (as shown below). (This is just a test exercise that I have been conducting to ensure that WCF can be hosted in Azure App Service and connection via External App created with C# works.)
[enter image description here]1
My WebConfig is as below:
<?xml version="1.0"?>
<configuration>
<system.diagnostics>
<trace>
<listeners>
<add type="Microsoft.WindowsAzure.Diagnostics.DiagnosticMonitorTraceListener, Microsoft.WindowsAzure.Diagnostics, Version=2.8.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
name="AzureDiagnostics">
<!--<filter type="" />-->
</add>
</listeners>
</trace>
</system.diagnostics>
<system.web>
<compilation debug="true" targetFramework="4.6.1" />
<authentication mode="None"/>
</system.web>
<system.serviceModel>
<!--DECLARE BINDINGS-->
<bindings>
<wsHttpBinding>
<binding name="CustomBinding"
openTimeout="00:20:00"
receiveTimeout="00:20:00" closeTimeout="00:20:00"
sendTimeout="00:20:00" >
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
<message algorithmSuite="Default" clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<!--DECLARE BEHAVIOUR-->
<behaviors>
<serviceBehaviors>
<behavior name="CustomBehaviour">
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<!--CREATE SERVICE WITH ENDPOINTS-->
<services>
<!-- Service For Main Implementation-->
<service name="DolphinBimUserRegistration.Service1" behaviorConfiguration="CustomBehaviour">
<endpoint address="DBWsHttp" binding="wsHttpBinding" bindingConfiguration="CustomBinding" contract="DBIMInterface.IDBIMService"/>
</service>
</services>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>After publishing the WCF Service to Azure App Service, I am able to create a service reference. Everything works perfect till here..
During debugging, when I try to call the basic "GetData" Function inside the WCF Service, it frequently requests for the User Credential (as shown in below image).
I need to find a way to access my azure web app service without entering the credentials manually. I have been trying to sort this out for long time. Nothing seems to be working.
- I read somewhere that we can enter the credentials obtained by using "Get Publish Profile" inside Azure can be used to log in. But, that doesn't seem like a good approach. We cannot enter such confidential information inside the client application. When the Client Application is used by different people, they should not be entering the credentials to reach Azure Web App. How do I avoid entering the credentials? How does visual studio (or client application) make connection to the Azure Web app?
I must ask - why are you opting to use WCF over ASP.NET Web API (or any other modern RESTFul framework) for your services? OAuth/JWT is what modern services in the cloud use for security. APIs are protected by a client ID and secret which can be created in Azure AD. I don't think you'll find much support out there for WCF in Azure. Either way, if you must use WCF, here's a reference towards using OAuth for WCF: OAuth and WCF SOAP service
To answer your other question, Visual Studio uses a publish profile to deploy a web app to Azure. When you first attempt to publish from Visual Studio, it will allow you to import a publish profile. You can either obtain this from your Azure App Service's dashboard or you can point Visual Studio to your App Service in Azure. This dialog will give you the option to persist your credentials.
You will find two types of files for each publish profile, a .pubxml file and a .pubxml.user file. For Web Deploy and FTP publishing, the .pubxml.user file contains the password, in encrypted form. The username can be found in the .pubxml file.
