WCF Service failing with “The server has rejected the client credentials”. Why doesn’t the server like me?

I spent the past couple of days dealing with faultexceptions being thrown by our WCF service that was being consumed by our Indian team. It worked for all the US teams, but for some reason the Indian team kept getting faultexceptions on the service. The proxy seemed to disguise the error and was throwing an error about the channel being in a faulted state.

So down the rabbit hole I go. I created all sorts of test rigs; to no avail. I finally get a developer to build a debug version so we can drop right into the code. He is able to find an inner exception saying, hey, I don’t like your credentials. The service didn’t have any authentication on, so I thought.

Well, lesson to be learned is the TCP services seem to default to windows security mode. Yes, surprising as it is, if you don’t set the security configuration you get windows authentication. What does this mean? As soon as a person outside of your domain tries to invoke the service, they get their butts handed to them. No service for you!

So, how  do you fix this? Easy, simple config change. Not one piece of source code needs to change.
Remember, you must change the binding on the SERVER and the CLIENT.

<system.serviceModel>

    <client>

      <endpoint address               = "net.tcp://localhost/MyService"

                binding               = "netTcpBinding"

                name                  = "MyService"

                bindingConfiguration  = "myBinding"

                contract              = "IMyContract" />

    </client>

    <bindings>

      <netTcpBinding>

        <binding name="tcp_ myBinding ">

          <security mode="None"></security>

        </binding>

      </netTcpBinding>

    </bindings>

  </system.serviceModel>

So if you look at the config above, the key is the Security Mode tag. You need to go to your client and server bindings and set this to None.

<security mode="None"></security>

Once you have that set, ON BOTH SIDES, your non-domain users can actually start calling your WCF service. Remember to restart the service after you make the configuration file changes!

0 Replies to “WCF Service failing with “The server has rejected the client credentials”. Why doesn’t the server like me?”

  1. Code above? What code above? The first code block contains nothing but the string ” ” repeated over and over.

       

         

       

       

         

           

             

           

         

       

     

    1. Thanks for letting me know. WordPress irritates me sometimes. Doesn’t make it easy to put in source code. Their parser destroys any of the formatting as well. I need to find a plugin or something so I don’t waste my time trying to format.

    1. If you are trying outside your domain, and you can’t control the service at all. i.e. can’t get to change the web.config, you are generally unable to work with that service.

  2. Matt :
    Code above? What code above? The first code block contains nothing but the string “ ” repeated over and over.
       
         
       
       
         
           
             
           
         
       
     

    Thanks, Life saver

Leave a Reply

Your email address will not be published. Required fields are marked *