Sharepoint 2010 SharePoint 2010自定义WCF服务-Windows和FBA身份验证
我已为基于声明的身份验证配置了SharePoint 2010,并为外部用户使用了Windows和基于表单的身份验证(FBA)。我还需要开发自定义WCF服务。问题是我希望将Windows凭据传递到WCF服务;但是,我似乎无法将Windows凭据传递到服务中。我的自定义WCF服务似乎正在使用匿名身份验证(必须在IIS中启用身份验证才能显示FBA登录屏幕) 我尝试遵循的示例可以在中找到 WCF服务被部署到_vti_bin(ISAPI文件夹) 下面是.svc文件的代码Sharepoint 2010 SharePoint 2010自定义WCF服务-Windows和FBA身份验证,sharepoint-2010,forms-authentication,wcf-security,windows-authentication,Sharepoint 2010,Forms Authentication,Wcf Security,Windows Authentication,我已为基于声明的身份验证配置了SharePoint 2010,并为外部用户使用了Windows和基于表单的身份验证(FBA)。我还需要开发自定义WCF服务。问题是我希望将Windows凭据传递到WCF服务;但是,我似乎无法将Windows凭据传递到服务中。我的自定义WCF服务似乎正在使用匿名身份验证(必须在IIS中启用身份验证才能显示FBA登录屏幕) 我尝试遵循的示例可以在中找到 WCF服务被部署到_vti_bin(ISAPI文件夹) 下面是.svc文件的代码 <%@ ServiceHos
<%@ ServiceHost Language="C#" Debug="true"
Service="MyCompany.CustomerPortal.SharePoint.UI.ISAPI.MyCompany.Services.LibraryManagers.LibraryUploader, $SharePoint.Project.AssemblyFullName$"
Factory="Microsoft.SharePoint.Client.Services.MultipleBaseAddressBasicHttpBindingServiceHostFactory, Microsoft.SharePoint.Client.ServerRuntime, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
CodeBehind="LibraryUploader.svc.cs" %>
[ServiceContract]
public interface ILibraryUploader
{
[OperationContract]
string SiteName(); }
[BasicHttpBindingServiceMetadataExchangeEndpoint]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class LibraryUploader : ILibraryUploader
{
//just try to return site title right now…
public string SiteName()
{
WindowsIdentity identity = ServiceSecurityContext.Current.WindowsIdentity;
ClaimsIdentity claimsIdentity = new ClaimsIdentity(identity);
return SPContext.Current.Web.Title;
}
}
我刚刚要测试的WCF测试客户端(WPF应用程序)使用以下代码调用WCF服务
private void Button1Click(object sender, RoutedEventArgs e)
{
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint =
new EndpointAddress(
"http://dev.portal.data-image.local/_vti_bin/MyCompany.Services/LibraryManagers/LibraryUploader.svc");
LibraryUploaderClient libraryUploader = new LibraryUploaderClient(binding, endpoint);
libraryUploader.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;
MessageBox.Show(libraryUploader.SiteName());
}
在声明和尝试同时使用Windows和FBA时,我对IIS安全设置/配置缺乏经验。在WCF安全配置方面,我也缺乏经验。我通常开发内部商务应用程序,并让Visual Studio决定使用什么,因为安全性很少是一个问题。我想我找到了答案。关键是创建一个web.config文件,并将其部署到与.svc文件相同的文件夹中。web.config文件需要指定要使用“wsHttpBinding”而不是“basicHttpBinding”的绑定。我还删除了.svc声明中的Factory属性和类上的BasicHttpBindingServiceMetadataExchangeEndpoint属性。能否将完整的web.config文件作为解决方案发布?我在WCF和2010基于声明的身份验证方面遇到了类似的问题。