[英]Can not get User credentials using webhttpbinding for JSON calls to WCF Service
Hope someone can help! 希望有人可以帮忙!
I am calling a WCF service using JSON but I am not able to get the user credentials out. 我使用JSON调用WCF服务,但我无法获取用户凭据。
We are using Kerberos so IIS is setup as the following: 我们正在使用Kerberos,因此IIS设置如下:
Everything works nicely when using wsHTTPBinding. 使用wsHTTPBinding时,一切都很好用。 However to get JSON working I have to use WebHttpBinding.
但是要使JSON正常工作,我必须使用WebHttpBinding。 I then need to get the user credentials out so I can use impersonation to talk to the backend services.
然后,我需要获取用户凭据,以便我可以使用模拟与后端服务进行通信。
My binding in the WFC config is as below: I used http://underground.infovark.com/2008/03/21/wcf-webhttp-binding-and-authentication/ to help: 我在WFC配置中的绑定如下:我使用http://underground.infovark.com/2008/03/21/wcf-webhttp-binding-and-authentication/来帮助:
<webHttpBinding>
<binding name="AjaxBinding">
<security mode="None">
<transport clientCredentialType="Ntlm" />
</security>
</binding>
</webHttpBinding>
<endpoint name="DataJson" address="Datajson" binding="webHttpBinding"
bindingConfiguration="AjaxBinding"
behaviorConfiguration="jsonbehaviour" contract="MyContract"/>
<behavior name="jsonbehaviour">
<!--<webHttp/>-->
<enableWebScript/>
</behavior>
It is calling the WCF service successfully but I am unable to get anything from: HttpContext.Current.User.Identity
or ServiceSecurityContext.Current.WindowsIdentity
other than anonymous so I am unable to do: 它正在成功调用WCF服务,但我无法从以下内容获取任何内容:
HttpContext.Current.User.Identity
或ServiceSecurityContext.Current.WindowsIdentity
而不是匿名,所以我无法做到:
WindowsIdentity identity = (WindowsIdentity)HttpContext.Current.User.Identity();
using (identity.Impersonate())
{
// ... code to call application B goes here ...
}
I have tried adding this into the web.config in case of multiple identities that I read about: 我尝试将此添加到web.config中,以防我读到多个身份:
<deny users="?"/>
Any ideas anyone? 任何人的想法?
Do you have this section in your config? 你的配置中有这个部分吗?
<system.web> <identity impersonate="true"/>
These are the only things that I have on my "list" of things to check when doind integrated authentication, that you did not explicitly mention in your question. 这些是我在我的“列表”中唯一可以检查的事项,当你进行集成身份验证时,你没有在你的问题中明确提到。 Hope it helps?
希望能帮助到你?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.