在我的 WCF Web 服务中获取 WindowsIdentity
我从不再与我们一起工作的开发人员那里接管了代码。它是一个 WCF Web 服务,最初使用传入的用户名,但我们需要它来使用 WindowsIdentity。
string identity = ServiceSecurityContext.Current.WindowsIdentity.Name;
该代码最终返回一个空字符串。我正在使用安全 (wsHttpSecure) 绑定,因此 ServiceSecurityContext.Current 不为 null 或任何内容。我已经寻找解决方案一天了,但还没有找到任何东西。
因为我是 WCF 新手,所以我不确定还有哪些其他相关信息。以下是 IIS 中启用的 Web 服务身份验证设置:
Anonymous Authentication - Enabled
Windows Authentication - Enabled
这是 Web 服务的 web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<connectionStrings>
<clear />
<add name="LocalSqlServer" connectionString="Data Source=.\instanceNameHere;Initial Catalog=default;Integrated Security=SSPI;"/>
</connectionStrings>
<appSettings configSource="appSettings.config" />
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
<listeners>
<add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\ServiceLogs\WebServiceLog.svclog" />
</listeners>
</source>
</sources>
</system.diagnostics>
<system.web>
<trace enabled="true" />
<membership defaultProvider="XIMembershipProvider" userIsOnlineTimeWindow="30">
<providers>
<clear/>
<add name="XIMembershipProvider" type="LolSoftware.MiddleTier.BusinessLogic.XIMembershipProvider"
applicationName="LolWebService"/>
</providers>
</membership>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<client />
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<behaviors configSource="behaviors.config" />
<bindings configSource="bindings.config" />
<services configSource="services.config" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<handlers>
<remove name="svc-ISAPI-4.0_64bit"/>
<remove name="svc-ISAPI-4.0"/>
<remove name="svc-Integrated-4.0"/>
<add name="svc-ISAPI-4.0_64bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
<add name="svc-ISAPI-4.0" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
<add name="svc-Integrated-4.0" path="*.svc" verb="*" type="System.ServiceModel.Activation.HttpHandler, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" resourceType="Unspecified" preCondition="integratedMode" />
</handlers>
</system.webServer>
</configuration>
以及绑定.config:
<bindings>
<wsHttpBinding>
<binding name="wsHttpSecure">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
<binding name="wsHttp">
<security mode="None" />
</binding>
</wsHttpBinding>
</bindings>
Behaviors.config:
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceThrottling maxConcurrentCalls="200" maxConcurrentSessions="200" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="XIMembershipProvider"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
<!-- -->
<endpointBehaviors>
<behavior name="restBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<!-- -->
</behaviors>
Service.config:
<services>
<service name="LolSoftware.MiddleTier.WebService.LolWebService" behaviorConfiguration="serviceBehavior">
<endpoint name="LolWebService_WSHttpEndpointSecure" contract="LolSoftware.MiddleTier.Interfaces.ILolWebService" binding="wsHttpBinding" bindingConfiguration="wsHttpSecure"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
提前致谢。
I took over code from a developer that is no longer with us. It's a WCF web service that was originally using a passed in username, but we need it to use the WindowsIdentity instead.
string identity = ServiceSecurityContext.Current.WindowsIdentity.Name;
That code ends up returning an empty string. I'm using a secure (wsHttpSecure) binding so ServiceSecurityContext.Current isn't null or anything. I've been searching for a solution for a day and haven't found anything yet.
Because I'm new to WCF I'm not sure what other information will be relevant. Here are the enabled authentication settings for the web service in IIS:
Anonymous Authentication - Enabled
Windows Authentication - Enabled
And here's the web.config for the web service:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<connectionStrings>
<clear />
<add name="LocalSqlServer" connectionString="Data Source=.\instanceNameHere;Initial Catalog=default;Integrated Security=SSPI;"/>
</connectionStrings>
<appSettings configSource="appSettings.config" />
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
<listeners>
<add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\ServiceLogs\WebServiceLog.svclog" />
</listeners>
</source>
</sources>
</system.diagnostics>
<system.web>
<trace enabled="true" />
<membership defaultProvider="XIMembershipProvider" userIsOnlineTimeWindow="30">
<providers>
<clear/>
<add name="XIMembershipProvider" type="LolSoftware.MiddleTier.BusinessLogic.XIMembershipProvider"
applicationName="LolWebService"/>
</providers>
</membership>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<client />
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<behaviors configSource="behaviors.config" />
<bindings configSource="bindings.config" />
<services configSource="services.config" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<handlers>
<remove name="svc-ISAPI-4.0_64bit"/>
<remove name="svc-ISAPI-4.0"/>
<remove name="svc-Integrated-4.0"/>
<add name="svc-ISAPI-4.0_64bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
<add name="svc-ISAPI-4.0" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
<add name="svc-Integrated-4.0" path="*.svc" verb="*" type="System.ServiceModel.Activation.HttpHandler, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" resourceType="Unspecified" preCondition="integratedMode" />
</handlers>
</system.webServer>
</configuration>
As well as bindings.config:
<bindings>
<wsHttpBinding>
<binding name="wsHttpSecure">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
<binding name="wsHttp">
<security mode="None" />
</binding>
</wsHttpBinding>
</bindings>
Behaviors.config:
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceThrottling maxConcurrentCalls="200" maxConcurrentSessions="200" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="XIMembershipProvider"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
<!-- -->
<endpointBehaviors>
<behavior name="restBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<!-- -->
</behaviors>
Service.config:
<services>
<service name="LolSoftware.MiddleTier.WebService.LolWebService" behaviorConfiguration="serviceBehavior">
<endpoint name="LolWebService_WSHttpEndpointSecure" contract="LolSoftware.MiddleTier.Interfaces.ILolWebService" binding="wsHttpBinding" bindingConfiguration="wsHttpSecure"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您想在服务上获取
WindowsIdentity,则必须使用 Windows 身份验证而不是UserName身份验证。请注意,Windows 身份验证仅适用于您域中的 Windows 帐户。您应该更改 IIS 配置并禁用匿名访问。然后将wsHttpBinding配置更改为:您不需要 ASP.NET 兼容性即可使用 Windows 身份验证。
If you want to get
WindowsIdentityon the service you must use Windows authentication instead ofUserNameauthentication. Be aware that Windows authentication works only for windows accounts in your domain. You should change your IIS configuration and disable anonymous access. Then changewsHttpBindingconfiguration to:You don't need ASP.NET compatibility to use Windows authentication.
如果您想使用标准 ASP.NET 方法,则需要将 ASP.NET 兼容性设置为 true:
当然,如果您在 IIS 中托管服务,那么这将是第一道攻击线。还有其他方法可以获取身份,但这应该适合您。
If you want to use the standard ASP.NET methodology, you need to set ASP.NET compatibility to true:
That would be the first line of attack, if you are hosting the service in IIS, of course. There are other ways to get identity, but this should work for you.