Getting WindowsIdentity in my WCF Web Service

I took the code from a developer that we no longer have. This is a WCF web service that originally used the passed in username, but we need to use WindowsIdentity instead.

    string identity = ServiceSecurityContext.Current.WindowsIdentity.Name;

This code ends up returning an empty string. I am using secure binding (wsHttpSecure), so ServiceSecurityContext.Current is not null or anything else. I searched for a solution during the day and have not found anything yet.

Since I'm new to WCF, I'm not sure what other information will be up to date. The following are the authentication options for the web service in IIS:

    Anonymous Authentication - Enabled
    Windows Authentication - Enabled

And here is web.config for the web service:

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
      <connectionStrings>
        <clear />
        <add name="LocalSqlServer" connectionString="Data Source=.\instanceNameHere;Initial Catalog=default;Integrated Security=SSPI;"/>
      </connectionStrings>
      <appSettings configSource="appSettings.config" />
      <system.diagnostics>
        <sources>
          <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
            <listeners>
              <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\ServiceLogs\WebServiceLog.svclog" />
            </listeners>
          </source>
        </sources>
      </system.diagnostics>
      <system.web>
        <trace enabled="true" />
        <membership defaultProvider="XIMembershipProvider" userIsOnlineTimeWindow="30">
          <providers>
            <clear/>
            <add name="XIMembershipProvider" type="LolSoftware.MiddleTier.BusinessLogic.XIMembershipProvider" applicationName="LolWebService"/>
          </providers>
        </membership>
        <compilation debug="true" targetFramework="4.0" />
      </system.web>
      <system.serviceModel>
        <client />
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
        <behaviors configSource="behaviors.config" />
        <bindings configSource="bindings.config" />
        <services configSource="services.config" />
      </system.serviceModel>
      <system.webServer>
        <modules runAllManagedModulesForAllRequests="true" />
        <handlers>
          <remove name="svc-ISAPI-4.0_64bit"/>
          <remove name="svc-ISAPI-4.0"/>
          <remove name="svc-Integrated-4.0"/>
          <add name="svc-ISAPI-4.0_64bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
          <add name="svc-ISAPI-4.0" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
          <add name="svc-Integrated-4.0" path="*.svc" verb="*" type="System.ServiceModel.Activation.HttpHandler, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" resourceType="Unspecified" preCondition="integratedMode" />
        </handlers>
      </system.webServer>
    </configuration>

Also, here is bindings.config:

    <bindings>
      <wsHttpBinding>
        <binding name="wsHttpSecure">
          <security mode="TransportWithMessageCredential">
            <transport clientCredentialType="None" />
            <message clientCredentialType="UserName" />
          </security>
        </binding>
        <binding name="wsHttp">
          <security mode="None" />
        </binding>
      </wsHttpBinding>
    </bindings>

Behaviors.config:

    <behaviors>
      <serviceBehaviors>
        <behavior name="serviceBehavior">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceThrottling maxConcurrentCalls="200" maxConcurrentSessions="200" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="XIMembershipProvider"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
      <!-- -->
      <endpointBehaviors>
        <behavior name="restBehavior">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
      <!-- -->
    </behaviors>

Service.config:

    <services>
      <service name="LolSoftware.MiddleTier.WebService.LolWebService" behaviorConfiguration="serviceBehavior">
        <endpoint name="LolWebService_WSHttpEndpointSecure" contract="LolSoftware.MiddleTier.Interfaces.ILolWebService" binding="wsHttpBinding" bindingConfiguration="wsHttpSecure"/>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
    </services>

Thanks in advance.

+4
2 answers

If you want to get WindowsIdentity in the service, you should use Windows authentication instead of UserName verification. Keep in mind that Windows authentication only works for Windows accounts in your domain. You must change the IIS configuration and disable anonymous access. Then change the wsHttpBinding configuration to:

    <bindings>
      <wsHttpBinding>
        <binding name="wsHttpSecure">
          <security mode="Transport">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>

You do not need ASP.NET compatibility to use Windows authentication.

+7
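
Why the question's line returns an empty string, as an added example that is not part of the thread or the asker's code base: with the `UserName` message credential the caller is carried in `PrimaryIdentity`, while `WindowsIdentity` is only an anonymous placeholder whose `Name` is empty. The helper class `CallerIdentity`, its method names and its messages are hypothetical.

```csharp
using System.Security.Principal;
using System.ServiceModel;
using System.ServiceModel.Security;

// Hypothetical helper (not from the page): call it at the top of a service operation.
public static class CallerIdentity
{
    // Returns DOMAIN\user for a Windows-authenticated caller and fails closed
    // otherwise, instead of silently continuing with an empty name.
    public static string RequireWindowsCaller()
    {
        ServiceSecurityContext ctx = ServiceSecurityContext.Current;

        // No context is expected on an unsecured binding such as the page's
        // "wsHttp" binding (security mode="None").
        if (ctx == null || ctx.IsAnonymous)
            throw new SecurityAccessDeniedException("Caller is not authenticated.");

        WindowsIdentity win = ctx.WindowsIdentity;
        if (win == null || win.IsAnonymous || !win.IsAuthenticated)
        {
            // The caller authenticated some other way (for example the UserName
            // credential of the original "wsHttpSecure" binding), so no Windows
            // token exists and win.Name is "".
            throw new SecurityAccessDeniedException("Windows authentication is required.");
        }
        return win.Name;
    }

    // One-line summary for the service trace log, useful for seeing which
    // identity the active binding actually produced.
    public static string Describe()
    {
        ServiceSecurityContext ctx = ServiceSecurityContext.Current;
        if (ctx == null)
            return "no security context";

        IIdentity primary = ctx.PrimaryIdentity;
        return string.Format(
            "primary='{0}' ({1}, authType={2}); windows='{3}' authenticated={4}",
            primary.Name, primary.GetType().Name, primary.AuthenticationType,
            ctx.WindowsIdentity.Name, ctx.WindowsIdentity.IsAuthenticated);
    }
}
```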

If you want to use the standard ASP.NET methodology, you need to establish ASP.NET compatibility:

    <system.serviceModel>
      <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
    </system.serviceModel>

This will be the first line of attack if you, of course, host the service in IIS. There are other ways to get the identity, but this should work for you.

0
