WCF + user credentials

Question

WCF + user credentials

I am working on a Silverlight v3 web application and I would like to access the WCF service that I use to retrieve my data. WCF is currently working fine, but it does not require any user credentials.

I do not really understand this aspect of WCF, so my first idea was to add username and password parameters to each of my service operations. The problem with this is that it will require a lot of redundant code, as well as the fact that the username and password will be transmitted over the wire in plain text.

What I would like is a way to specify client-side credentials immediately after creating my proxy server (I use a proxy server created from "Add service link").

When searching for a solution for this, I could find solutions similar to my first idea (using username / password options). Can someone point me in the right direction?

Thanks!

+5

passwords credentials silverlight-3.0 wcf

Charles Jul 18 '09 at 12:21

source share

3 answers

- !

WCF - ! , , - , !

WCF Michele Leroux Bustamante: http://www.devx.com/codemag/Article/33342

- :

:

<bindings>
  <basicHttpBinding>
    <binding name="SecuredBasicHttp" >
      <security mode="Message">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </basicHttpBinding>
</bindings>
<services>
  <service name="YourService">
    <endpoint address="http://localhost:8000/MyService"
              binding="basicHttpBinding"
              bindingConfiguration="SecuredBasicHttp"
              contract="IYourService" />
  </service>
</services>

:

<bindings>
  <basicHttpBinding>
    <binding name="SecuredBasicHttp" >
      <security mode="Message">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </basicHttpBinding>
</bindings>
<client>
    <endpoint address="http://localhost:8000/MyService"
              binding="basicHttpBinding"
              bindingConfiguration="SecuredBasicHttp"
              contract="IYourService" />
</client>

- :

YourServiceClient client = new YourServiceClient();

client.ClientCredentials.UserName.UserName = "your user name";
client.ClientCredentials.UserName.Password = "top$secret";

, - , Windows (Active Directory), ASP.NET. , , .

, - - WCF - , , , !: -)

+1

marc_s 18 . '09 8:32

- WCF. # (http://www.postsharp.org/) , . .

0

Steve 18 . '09 0:27

blowdart · Accepted Answer · 2009-07-18T08:51:06+0000

Where do these usernames and passwords come from? If your website already implements forms authentication, you can bypass the credential settings yourself and use the forms authentication cookie. If your users are logged in, the cookie will be sent with a web service call. To read it on the other hand, you need to make a couple of changes.

First you need to enable ASP.NET compatibility mode for WCF in the system.ServiceModel section:

<system.serviceModel>  
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> 
</system.serviceModel>

, , , cookie ASP.NET [AspNetCompatibilityRequirements]

[ServiceContract]
[AspNetCompatibilityRequirements(
    RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class ExampleService
{
}

HttpContext.Current.User.Identity, .

, , PrincipalPermission,

[OperationContract]
[PrincipalPermission(SecurityAction.Demand, Authenticated=true)]
public string Echo()

, ASP.NET, , PrincipalPermission , :

[OperationContract]
[PrincipalPermission(SecurityAction.Demand, Role="Administators")]
public string NukeTheSiteFromOrbit()

Silverlight2.

WCF + user credentials

More articles: