R – WCF Fails Under Load – MessageSecurityException

.netload-testingstress-testingwcf

I am load testing my website. The site calls to a WCF service running on the same box using clientCredentialType="Windows". Everything works until I reach a certain load (which is not even very high), then I get the following error:

System.ServiceModel.Security.MessageSecurityException:
The HTTP request was forbidden with
client authentication scheme
'Anonymous'. —->
System.Net.WebException: The remote
server returned an error: (403)
Forbidden.

Upon each call I create a channel:

var proxy = (IClientChannel)channelFactory.CreateChannel();

On success, I close:

proxy.Close();

On error, I abort:

proxy.Abort();

Any ideas what's going on? What I can do to handle loads better? What to look for?

Best Solution

Is your Service a Sessionful Service or do you not worry about keeping state between calls? If you don't have state, you may want to mark your service as a PerCall service. This will make sure that the service instance only exists when a client call is in progress.

Chapter 4 of Juval Lowy's excellent book "Programming WCF Services" 2nd Edition covers this topic.

The default is PerSession which may not be what you want.

Also, see this on MSDN: How To: Control Service Instancing

Related Solutions

.net – WCF Security error with VS 2008 Unit Test

I had to change the following IIS and WCF service configurations to get past the "Negotiate,NTLM" exception.

IIS Configurations:

-- Unchecked "Anonymous Access" checkbox and check the "Integrated Windows authentication" checkbox in the directory security setting for the WCF Service virtual directory.

WCF Services:

-- implemented basicHttpBinding and configured the basicSettingBinding security setting to "TransportCredentialsOnly" mode and TransportClientCredentialType to "Windows"

Here is my updated wcf service configuration:

<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding name="windowsBasicHttpBinding">
                <security mode="TransportCredentialOnly">
                    <transport clientCredentialType="Windows" />
                </security>
            </binding>
       </basicHttpBinding>
    </bindings>
    <services>
        <service    
      behaviorConfiguration="CityOfMesa.ApprovalRouting.WCFService.RoutingServiceBehavior"
           name="CityOfMesa.ApprovalRouting.WCFService.RoutingService"
        >
            <endpoint 
                binding="basicHttpBinding" bindingConfiguration="windowsBasicHttpBinding"
                name="basicEndPoint"    
                contract="CityOfMesa.ApprovalRouting.WCFService.IRoutingService" 
            />
        </service>
    </services>
    <behaviors>
        <serviceBehaviors>
            <behavior 
                name="CityOfMesa.ApprovalRouting.WCFService.RoutingServiceBehavior"
            >
                <serviceMetadata httpGetEnabled="true" />
                <serviceDebug includeExceptionDetailInFaults="true" />
           </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>

C# – Not able to add HTTPS enabled WCF Service as Service reference in Visual Studio 2010 IDE

Another possible solution is to make sure that Visual Studio knows which certificate to use by setting it in credential manager.

Open credential manager and under Certificate-Base credentials click Add a certificate-based credential.

Enter the URL of your service reference and select the certificate from the store.

Best Solution

Related Solutions

.net – WCF Security error with VS 2008 Unit Test

C# – Not able to add HTTPS enabled WCF Service as Service reference in Visual Studio 2010 IDE

Related Question