WCF Service, Windows Authentication

问题

we wrote a WCF service, deployed on IIS. we chose Integrated Windows Authentication. service can not be used in this case but if we can set the authentication method of the IIS virtual directory to "Anonymous" for WCF services, then the error will go away. But "Anonymous" is not acceptable for our WCF service. We have to use Integrated Windows Authentication to authenticate the client. Any one knows how to fix this problem?

Thanks in advance,

Ashish

回答1:

You have to do a few things:

Uncheck the anonymous access from your Virtual forlder and check Integrated windows security.

Create the following binding configuration:

  <basicHttpBinding>
 <binding name="Binding1">
    <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows"  />
    </security>
 </binding>
 </basicHttpBinding>

Apply the above configuration to your service and mex:

   <endpoint address="" binding="basicHttpBinding" bindingConfiguration="Binding1" contract="IService">
</endpoint>


   <endpoint address="mex" binding="basicHttpBinding" bindingConfiguration="Binding1" contract="IMetadataExchange">
</endpoint>

Create a client and use NetworkCredential to pass your credentials:

       ServiceReference.MyClient proxy = new ServiceReference.MyClient();
       proxy.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential("MACHINENAME\\USERACCOUNT", "passwrd");
       proxy.YourServiceOperation();

There are other ways to set username & password indivdually but it didn't work in .Net 4.0. USERACCOUNT is a domain account or LDAP to which your WCF host computer is joined to. If server isnt joined to a domain then create an account locally by running "lusrmgr.msc"