Fatal编程技术网

C# WCF身份验证

c# .net wcf authentication

C# WCF身份验证,c#,.net,wcf,authentication,basichttpbinding,C#,.net,Wcf,Authentication,Basichttpbinding,我们正在.NET3.5中构建一些核心服务,并通过WCF公开这些服务。只能在内部(即在内部网内)访问服务。这些服务只需要验证调用用户的windows凭据并获取其AD/功能组 serives需要使用NetTcpBinding和BasicHttpBinding公开 对于这两种绑定类型,我需要向节中添加什么配置?就是这个, <system.serviceModel> <services> <service name="WCFTest.Calculat

我们正在.NET3.5中构建一些核心服务,并通过WCF公开这些服务。只能在内部(即在内部网内)访问服务。这些服务只需要验证调用用户的windows凭据并获取其AD/功能组

serives需要使用NetTcpBinding和BasicHttpBinding公开

对于这两种绑定类型,我需要向节中添加什么配置?就是这个,

  <system.serviceModel>
    <services>
      <service name="WCFTest.CalculatorService" behaviorConfiguration="WCFTest.CalculatorBehavior">
        <host>
          <baseAddresses>
            <add baseAddress = "http://localhost:8000/WCFTest/CalculatorService/" />
            <add baseAddress = "net.tcp://localhost:9000/WCFTest/CalculatorService/" />
          </baseAddresses>
        </host>

        <endpoint address ="basicHttpEP" binding="basicHttpBinding" contract="WCFTest.ICalculatorService"/>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>

        <endpoint address ="netTcpEP" binding="netTcpBinding" contract="WCFTest.ICalculatorService"/>
        <endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange"/>

      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="WCFTest.CalculatorBehavior">          
          <serviceAuthorization impersonateCallerForAllOperations="false"  principalPermissionMode="UseWindowsGroups" />
          <serviceCredentials >
            <windowsAuthentication allowAnonymousLogons="false" includeWindowsGroups="true" />
          </serviceCredentials>    
          <serviceMetadata httpGetEnabled="True"/>
          <serviceDebug includeExceptionDetailInFaults="False" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
是这样吗?这会同时适用于我的NetTcp和BasicHttp绑定吗

谢谢在VisualStudio2008中转到工具->WCF服务配置编辑器。打开您的配置文件并编辑其中的设置。

否。netTcpBinding没有任何配置:默认情况下,它使用Windows身份验证。对于basicHttpBinding,需要在绑定配置上指定所需的身份验证机制(因为basicHttpBinding默认情况下不使用身份验证):



<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <binding name="DefaultBasicHttpBinding">
        <security mode="TransportCredentialsOnly">
          <transport clientCredentialType="Windows"/>
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>
  <services>
    <service name="WCFTest.CalculatorService" behaviorConfiguration="WCFTest.CalculatorBehavior">
      <host>
        <baseAddresses>
          <add baseAddress="http://localhost:8000/WCFTest/CalculatorService/" />
          <add baseAddress="net.tcp://localhost:9000/WCFTest/CalculatorService/" />
        </baseAddresses>
      </host>
      <endpoint address="basicHttpEP" binding="basicHttpBinding" contract="WCFTest.ICalculatorService"/>
      <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
      <endpoint address="netTcpEP" binding="netTcpBinding" contract="WCFTest.ICalculatorService"/>
      <endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange"/>
    </service>
  </services>
  <behaviors>
    <serviceBehaviors>
      <behavior name="WCFTest.CalculatorBehavior">          
        <serviceMetadata httpGetEnabled="True"/>
        <serviceDebug includeExceptionDetailInFaults="False"/>
      </behavior>
    </serviceBehaviors>
  </behaviors>
</system.serviceModel>