WCF Windows身份验证
问题描述:
我想我们的WCF服务返回当前登录的用户名。我在我的服务调用此,WCF Windows身份验证
HttpContext.Current.User.Identity.Name
然而,我不想用户我的Silverlight应用程序对WCF服务的调用时显示一个NT挑战。目前,我禁用了匿名访问并启用了集成身份验证,但由于此原因,我无法将该服务添加到VS2010中的服务参考中。我该怎么做?还应该为WCF服务的web.config设置。我目前使用安全模式设置为None的basicHttpBinding。
添加Web.config文件: 服务器:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<behaviors>
<serviceBehaviors>
<behavior name="MyService.MyServiceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyService" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" receiveTimeout="00:40:00" openTimeout="00:40:00" closeTimeout="00:40:00" sendTimeout="00:40:00">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
<security mode="None"/>
</binding>
</basicHttpBinding>
<customBinding>
<binding name="MyService.MyService.customBinding0">
<binaryMessageEncoding/>
<httpTransport/>
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="MyService.MyServiceBehavior" name="MyService.MyService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService" name="BasicHttpBinding_MyService" contract="MyService.IMyService"/>
</service>
</services>
</system.serviceModel>
客户:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<behaviors>
<serviceBehaviors>
<behavior name="MyService_Behavior">
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceMetadata httpGetEnabled="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="r1">
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyService" closeTimeout="00:03:00" openTimeout="00:03:00" receiveTimeout="00:10:00" sendTimeout="00:03:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<security mode="None"/>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8080/MyService/MyService.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService" contract="MyService.IMyService" name="BasicHttpBinding_MyService" behaviorConfiguration="r1"/>
</client>
</system.serviceModel>
答
尝试添加以下端点对你的态度终点,与psudo客户端配置如下
<behaviors>
<endpointBehaviors>
<behavior name="WindowsBehavior">
<clientCredentials>
<windows allowNtlm="false" allowedImpersonationLevel="Delegation"></windows>
</clientCredentials>
<dataContractSerializer maxItemsInObjectGraph="4194304"></dataContractSerializer>
</behavior>
</endpointBehaviors>
</behaviors>
<endpoint address="http://server/web.svc" behaviorConfiguration="WindowsBehavior" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Service" contract="IMyContract" name="BasicHttpBinding_Service">
答
您需要在服务绑定配置中启用Windows身份验证。即 参考你这种结合cinfig绑定定义部分
<bindings>
<basicHttpBinding>
<binding name="basicBindingCfg">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
也是在你的web配置你需要设置Windows身份验证
和使用授权标签用户允许:
<authentication mode="Windows"/>
<authorization>
<allow roles="<NT group>"/>
<allow users="<user name>"/>
<deny users="*"/>
</authorization>
什么设置做你有在IIS? – Iain 2011-03-09 06:41:27
我已禁用匿名访问和启用集成的Windows身份验证 – Kev 2011-03-09 06:45:52
你可以添加web.config的服务器和客户端的问题? – Iain 2011-03-09 09:04:26