SharePoint 2010 自定义 WCF 服务 - Windows 和 FBA 身份验证
我已为外部用户的 Windows 和基于表单的身份验证 (FBA) 配置了 SharePoint 2010 的基于声明的身份验证 。我还需要开发自定义 WCF 服务。问题是我希望将 Windows 凭据传递到 WCF 服务中;但是,我似乎无法将 Windows 凭据传递到服务中。我的自定义 WCF 服务似乎正在使用匿名身份验证(必须在 IIS 中启用该身份验证才能显示 FBA 登录屏幕)。
我尝试遵循的示例位于 http://msdn.microsoft.com/en-us/库/ff521581.aspx。
WCF 服务部署到 _vti_bin(ISAPI 文件夹)。
这是 .svc 文件的代码
<%@ ServiceHost Language="C#" Debug="true"
Service="MyCompany.CustomerPortal.SharePoint.UI.ISAPI.MyCompany.Services.LibraryManagers.LibraryUploader, $SharePoint.Project.AssemblyFullName$"
Factory="Microsoft.SharePoint.Client.Services.MultipleBaseAddressBasicHttpBindingServiceHostFactory, Microsoft.SharePoint.Client.ServerRuntime, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
CodeBehind="LibraryUploader.svc.cs" %>
这是 .svc 文件的代码
[ServiceContract]
public interface ILibraryUploader
{
[OperationContract]
string SiteName(); }
[BasicHttpBindingServiceMetadataExchangeEndpoint]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class LibraryUploader : ILibraryUploader
{
//just try to return site title right now…
public string SiteName()
{
WindowsIdentity identity = ServiceSecurityContext.Current.WindowsIdentity;
ClaimsIdentity claimsIdentity = new ClaimsIdentity(identity);
return SPContext.Current.Web.Title;
}
}
我刚刚测试它的 WCF 测试客户端(WPF 应用程序)使用以下代码来调用 WCF 服务...
private void Button1Click(object sender, RoutedEventArgs e)
{
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint =
new EndpointAddress(
"http://dev.portal.data-image.local/_vti_bin/MyCompany.Services/LibraryManagers/LibraryUploader.svc");
LibraryUploaderClient libraryUploader = new LibraryUploaderClient(binding, endpoint);
libraryUploader.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;
MessageBox.Show(libraryUploader.SiteName());
}
我有点缺乏经验涉及索赔时使用 IIS 安全设置/配置并尝试同时使用 Windows 和 FBA。我在 WCF 安全配置方面也缺乏经验。我通常开发内部商务应用程序,并让 Visual Studio 决定使用什么,因为安全性很少是一个问题。
I have SharePoint 2010 configured for Claims Based Authentication with both Windows and Forms Based Authentication (FBA) for external users. I also need to develop custom WCF Services. The issue is that I want Windows credentials passed into the WCF Service(s); however, I cannot seem to get the Windows credentials passed into the services. My custom WCF service appears to be using Anonymous authentication (which has to be enabled in IIS in order to display the FBA login screen).
The example I have tried to follow is found at http://msdn.microsoft.com/en-us/library/ff521581.aspx.
The WCF service gets deployed to _vti_bin (ISAPI folder).
Here is the code for the .svc file
<%@ ServiceHost Language="C#" Debug="true"
Service="MyCompany.CustomerPortal.SharePoint.UI.ISAPI.MyCompany.Services.LibraryManagers.LibraryUploader, $SharePoint.Project.AssemblyFullName$"
Factory="Microsoft.SharePoint.Client.Services.MultipleBaseAddressBasicHttpBindingServiceHostFactory, Microsoft.SharePoint.Client.ServerRuntime, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
CodeBehind="LibraryUploader.svc.cs" %>
Here is the code behind for the .svc file
[ServiceContract]
public interface ILibraryUploader
{
[OperationContract]
string SiteName(); }
[BasicHttpBindingServiceMetadataExchangeEndpoint]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class LibraryUploader : ILibraryUploader
{
//just try to return site title right now…
public string SiteName()
{
WindowsIdentity identity = ServiceSecurityContext.Current.WindowsIdentity;
ClaimsIdentity claimsIdentity = new ClaimsIdentity(identity);
return SPContext.Current.Web.Title;
}
}
The WCF test client I have just to test it out (WPF app) uses the following code to call the WCF service...
private void Button1Click(object sender, RoutedEventArgs e)
{
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint =
new EndpointAddress(
"http://dev.portal.data-image.local/_vti_bin/MyCompany.Services/LibraryManagers/LibraryUploader.svc");
LibraryUploaderClient libraryUploader = new LibraryUploaderClient(binding, endpoint);
libraryUploader.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;
MessageBox.Show(libraryUploader.SiteName());
}
I am somewhat inexperienced with IIS security settings/configurations when it comes to Claims and trying to use both Windows and FBA. I am also inexperienced when it comes to WCF configurations for security. I usually develop internal biz apps and let Visual Studio decide what to use because security is rarely a concern.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我想我找到了答案。关键是创建一个 web.config 文件并将其部署在与 .svc 文件相同的文件夹中。 web.config 文件需要指定绑定以使用“wsHttpBinding”而不是“basicHttpBinding”。我还删除了 .svc 声明中的 Factory 属性和类上的 BasicHttpBindingServiceMetadataExchangeEndpoint 属性。
I think I figured out the answer. The key is to create a web.config file and deploy in the same folder as the .svc file. The web.config file needs to specify the binding to use "wsHttpBinding" instead of "basicHttpBinding". I also removed the Factory attribute in the .svc declaration and the BasicHttpBindingServiceMetadataExchangeEndpoint attribute on the class.