Έχουν δημοσιευτεί
Τετάρτη, 17 Φεβρουαρίου 2010 9:33 πμ
από το μέλος
Dimitris Papadimitriou
There aren't may things one has to do to enable windows authentication in a WCF service. Actually Windows Authentication is by default enabled when using most of the standard bindings of WCF.
Configuration
The following configuration ensures this anyway (use this configuration both on server and on client side):
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="test">
<security mode="Message">
<message clientCredentialType="Windows"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
...
Server
To get the credentials of the user on server side using the following (password in never included):
var identity = OperationContext.Current.ServiceSecurityContext.PrimaryIdentity;
Client
On client you have two options:
a) Do not ask credentials from the user (Integrated Authentication): The credentials of the current logged on user will be used. This requires that the user is logged on to a Windows Domain that is trusted or is the same with the Domain of the server. There is no special code to write here. Simple instantiate the client proxy and use it.
b) Ask for Windows Credentials from the user: This is useful when you expect that your application will be used by users using machines not registered to known Windows Domains. In this case you have to create a typical log in dialog and ask for user name and password. Username must contain the domain name (Eg. MYDOMAIN\myUserName). Also this requires that the username and password the user will use belong to a domain that is trusted or is the same with the Domain of the server. In this case you also need to write the following line after instantiating your client proxy, and use the credentials you collected from the log in dialog:
clientProxy.ClientCredentials.Windows.ClientCredential = new NetworkCredential("MYDOMAIN\\myUsername", "myPassword");
Important
Patterns and Practices team created an excellent pdf document called 'WCF Security Guidance'. This is a quite big document that describes perhaps all the security scenarios that you might consider. It is organized in such a way that you can find what you are looking for quickly.
Check it out!
Permalink
| Leave a comment »