如何使用TransportClientCredentialsOnly安全模式的WCF Rest服务
本文关键字:WCF Rest 服务 安全模式 何使用 TransportClientCredentialsOnly | 更新日期: 2023-09-27 18:25:58
我花了一天时间研究如何使用TransactionCredentialOnly安全模式的wcf rest服务,客户端类型和代理类型为Windows
但我错过了一些我不知道的事情。
服务主机和调用代码在同一台机器上(当然,我正在调试)这是响应Unauthorized
。我原以为这是一种成功的状态,但事实并非如此。
StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
X-SourceFiles: =?UTF-8?B?QzpcU2ltdWxhdG9yXEJyb2tlcmFnZUZpcm1cUHJvZmlsZVNlcnZpY2Uuc3ZjXGdyb3Vwcw==?=
Cache-Control: private
Server: Microsoft-IIS/8.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Wed, 08 Oct 2014 09:41:53 GMT
Content-Length: 6088
Content-Type: text/html; charset=utf-8
}
我有一个WCF Rest服务,方法是:
[ServiceContract]
public class IProfileService
{
[OperationContract]
[WebGet(UriTemplate = "groups")]
IList<Group> ListGroups();
}
Web.config
<webHttpBinding>
<binding name="WebHttpBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>
</binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="DefaultBehavior" name="MyNamespace.ProfileService">
<endpoint address="mex" binding="mexHttpBinding" name="" contract="IMetadataExchange" />
<endpoint behaviorConfiguration="RestFulBehavior" binding="webHttpBinding" bindingConfiguration="WebHttpBinding" name="ProfileServiceRestEndpoint" bindingName="ProfileServiceRestBinding" contract="MyNamespace.IProfileService" />
</service>
<behaviors>
<endpointBehaviors>
<behavior name="RestFulBehavior">
<webHttp automaticFormatSelectionEnabled="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="DefaultBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceAuthorization principalPermissionMode="None" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
控制台应用程序:
class Program
{
static void Main(string[] args)
{
using (var client = new HttpClient())
{
HttpResponseMessage response = client.GetAsync("http://localhost:3522/ProfileService.svc/groups").Result;
Console.WriteLine(response);
Console.ReadLine();
}
}
}
WCF项目的IIS配置
Always Start When Debugging: True
Anonymous Authentication: Enabled
Managed Pipeline Mode: Intergrated
SSL Enabled: True
SSL URL: localhost:44300
URL: localhost:3522
Windows Authentication: Enabled
我认为该服务尚未启用windows身份验证模式。你能尝试在IIS中启用windows身份验证吗。
如果服务在IIS express上运行,请更改applicationhost.config(位于..''Documents''IIS express''config)以启用windows身份验证。