[英]WCF windows authentication
我希望我們的WCF服務返回當前登錄的用戶名。 我在服務中稱呼這個
HttpContext.Current.User.Identity.Name
但是,當我的Silverlight應用程序調用WCF服務時, 我不希望向用戶顯示NT挑戰 。 目前,我禁用了匿名訪問並啟用了集成身份驗證,因此,由於此原因,我無法將服務添加到VS2010中的服務引用中。 我該怎么做? 還應該是什么WCF服務的web.config設置。 我當前正在將basicHttpBinding的安全模式設置為None。
添加Web.config:服務器:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<behaviors>
<serviceBehaviors>
<behavior name="MyService.MyServiceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyService" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" receiveTimeout="00:40:00" openTimeout="00:40:00" closeTimeout="00:40:00" sendTimeout="00:40:00">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
<security mode="None"/>
</binding>
</basicHttpBinding>
<customBinding>
<binding name="MyService.MyService.customBinding0">
<binaryMessageEncoding/>
<httpTransport/>
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="MyService.MyServiceBehavior" name="MyService.MyService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService" name="BasicHttpBinding_MyService" contract="MyService.IMyService"/>
</service>
</services>
</system.serviceModel>
客戶:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<behaviors>
<serviceBehaviors>
<behavior name="MyService_Behavior">
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceMetadata httpGetEnabled="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="r1">
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyService" closeTimeout="00:03:00" openTimeout="00:03:00" receiveTimeout="00:10:00" sendTimeout="00:03:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<security mode="None"/>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8080/MyService/MyService.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService" contract="MyService.IMyService" name="BasicHttpBinding_MyService" behaviorConfiguration="r1"/>
</client>
</system.serviceModel>
嘗試使用以下psudo客戶端配置將以下端點行為添加到端點
<behaviors>
<endpointBehaviors>
<behavior name="WindowsBehavior">
<clientCredentials>
<windows allowNtlm="false" allowedImpersonationLevel="Delegation"></windows>
</clientCredentials>
<dataContractSerializer maxItemsInObjectGraph="4194304"></dataContractSerializer>
</behavior>
</endpointBehaviors>
</behaviors>
<endpoint address="http://server/web.svc" behaviorConfiguration="WindowsBehavior" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Service" contract="IMyContract" name="BasicHttpBinding_Service">
您需要在服務綁定配置中啟用Windows身份驗證。 即在您的綁定定義部分中引用此綁定cinfig
<bindings>
<basicHttpBinding>
<binding name="basicBindingCfg">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
另外在您的Web配置中,您需要設置Windows身份驗證
並允許用戶使用授權標簽:
<authentication mode="Windows"/>
<authorization>
<allow roles="<NT group>"/>
<allow users="<user name>"/>
<deny users="*"/>
</authorization>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.