WCF: Client Impersonation

Question

I have a console app client that talks to a WCF service hosted by a console app on a different server. It use windows authentication with security mode = message

It works just fine until I change the service to impersonate the clients credentials. The changes I do to accomplish that is:
1. Add <serviceAuthorization impersonateCallerForAllOperations="true" /> to the service behaviour
2. Add [OperationBehavior(Impersonation = ImpersonationOption.Required)] to my method signature

I then host my service and it runs as normal, all good.

In my client the only thing I do is add:

ChannelFactory<IService1> channel = new ChannelFactory<IService1>(binding, endPoint);
channel.Credentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;

I then run my client and get the error:

The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.

Is there something else I'm missing that I need to do to the client config?

Answer 1

It could be that your server settings do not match the contract.

On the server side:

• Is IIS set to windows authentication?
• Is web.config set to windows authentication?
• Is web.config set to impersonate = true

My guess is that you are missing the last one.

Answer 2

I would suspect that the wcf method call triggers an exception on the server side. Do you have any infrastructure in place to capture server side exceptions or payloads? If not then use something like wcf trace logging to record traffic.

This should give you a more meaningful error.

If you can add this to your question hopefully we can discern what is causing the issue.