
WCF windows credentials

My client on server A calls a service on B, which calls a service on C.
In order to get the call working from B->C I have to do this:

channel.Credentials.Windows.ClientCredential = 
   new System.Net.NetworkCredential("WndowsUserName", "WindowsPassWord");  
IService1 service = channel.CreateChannel();  

etc...

The user name and password are the Windows credentials used from A->B. Of course, I do not want to hardcode this, so how can I do this without hardcoding?

I tried, with no luck:

WindowsIdentity callerWindowsIdentity = 
    ServiceSecurityContext.Current.WindowsIdentity;  
using (callerWindowsIdentity.Impersonate())  

Use

System.Net.CredentialCache.DefaultNetworkCredentials

property. It represents the authentication credentials for the current security context in which the application is running. Details can be found here.

It seems to be a "double hop" authentication problem. In short, NTLM doesn't allow more than one "hop" with its credentials (token). So the user authenticates on server 1 with its token, and in turn, server 1 tries to send the token to server 2. This won't work unless Kerberos delegation is allowed between server 1 and 2.

More details here: http://weblogs.asp.net/owscott/archive/2008/08/22/iis-windows-authentication-and-the-double-hop-issue.aspx

And here: http://blogs.msdn.com/nunos/archive/2004/03/12/88468.aspx

Perhaps the class

System.Net.CredentialCache

could be helpful... It has the DefaultCredentials and DefaultNetworkCredentials properties that you can use. Of course, you will have to make sure that your application runs under the credentials that you want (that is, the credentials of the current user). This can be done by calling

AppDomain.CurrentDomain.SetPrincipalPolicy (PrincipalPolicy.WindowsPrincipal);

at the start of your program.

Then, when you initialize the WCF service, you can use the DefaultNetworkCredentials provided by the CredentialCache.

channel.Credentials.Windows.ClientCredential = CredentialCache.DefaultNetworkCredentials;
IService1 service = channel.CreateChannel();
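
The Kerberos delegation route named in the double-hop answer above, as an added example that is not code from any of the posts: A opts in to delegation, and B checks the caller's token level before making the hop to C under impersonation. The endpoint names, `IServiceB`, `Relay` and `GetData` are hypothetical, and it assumes B's service account is trusted for delegation in Active Directory and that C has a registered SPN.

```csharp
using System.Security.Principal;
using System.ServiceModel;

[ServiceContract]
public interface IService1 { [OperationContract] string GetData(); }  // C's contract; GetData is hypothetical

[ServiceContract]
public interface IServiceB { [OperationContract] string Relay(); }    // hypothetical contract exposed by B

public static class ClientOnA
{
    public static IServiceB Connect()
    {
        // "ServiceB_Endpoint" is a hypothetical config name using Windows authentication.
        var factory = new ChannelFactory<IServiceB>("ServiceB_Endpoint");
        // A must explicitly allow B to act on its behalf; WCF defaults to Identification.
        factory.Credentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Delegation;
        return factory.CreateChannel();
    }
}

public class ServiceB : IServiceB
{
    // Hypothetical endpoint for the B->C hop. No ClientCredential is set, so the
    // identity in effect when the call is made supplies the credentials.
    private static readonly ChannelFactory<IService1> channel =
        new ChannelFactory<IService1>("ServiceC_Endpoint");

    public string Relay()
    {
        WindowsIdentity caller = ServiceSecurityContext.Current.WindowsIdentity;

        // An NTLM logon, or Kerberos without delegation, never yields a Delegation-level
        // token. Fail here with a clear reason instead of an opaque 401 from C.
        if (caller.ImpersonationLevel != TokenImpersonationLevel.Delegation)
            throw new FaultException("Caller token is " + caller.ImpersonationLevel +
                " (" + caller.AuthenticationType + "); it cannot be forwarded to the next server.");

        using (caller.Impersonate())   // limit impersonation to the downstream call
        {
            IService1 service = channel.CreateChannel();
            var proxy = (IClientChannel)service;
            try { string result = service.GetData(); proxy.Close(); return result; }
            catch { proxy.Abort(); throw; }
        }
    }
}
```

Logging `caller.AuthenticationType` alongside the level shows whether the A->B hop negotiated Kerberos or fell back to NTLM, which is the first thing to check when the call to C is rejected.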
