如何使用TransportClientCredentialsOnly安全模式使用WCF Rest服务?

时间:2014-10-08 09:46:35

标签: c# web-services wcf rest

我花了一天的时间来弄清楚如何使用TransactionCredentialOnly安全模式使用wcf休息服务,客户端类型和代理类型为Windows

但是我错过了一些我不知道的事情。

服务主机和主叫代码在同一台机器上(当然,我正在调试) 这是回复Unauthorized。我预计它是成功状态,但事实并非如此。

StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
  X-SourceFiles: =?UTF-8?B?QzpcU2ltdWxhdG9yXEJyb2tlcmFnZUZpcm1cUHJvZmlsZVNlcnZpY2Uuc3ZjXGdyb3Vwcw==?=
  Cache-Control: private
  Server: Microsoft-IIS/8.0
  WWW-Authenticate: Negotiate
  WWW-Authenticate: NTLM
  X-Powered-By: ASP.NET
  Date: Wed, 08 Oct 2014 09:41:53 GMT
  Content-Length: 6088
  Content-Type: text/html; charset=utf-8
}

我有一个WCF Rest服务,方法是:

[ServiceContract]
public class IProfileService
{

    [OperationContract]
    [WebGet(UriTemplate = "groups")]
    IList<Group> ListGroups();
}

的Web.config 

<webHttpBinding>
    <binding name="WebHttpBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" proxyCredentialType="Windows" />
      </security>
    </binding>
  </webHttpBinding>
</bindings>
<services>
  <service behaviorConfiguration="DefaultBehavior" name="MyNamespace.ProfileService">
    <endpoint address="mex" binding="mexHttpBinding" name="" contract="IMetadataExchange" />
    <endpoint behaviorConfiguration="RestFulBehavior" binding="webHttpBinding" bindingConfiguration="WebHttpBinding" name="ProfileServiceRestEndpoint" bindingName="ProfileServiceRestBinding" contract="MyNamespace.IProfileService" />
  </service>


<behaviors>
  <endpointBehaviors>
    <behavior name="RestFulBehavior">
      <webHttp automaticFormatSelectionEnabled="true" />
    </behavior>
  </endpointBehaviors>
  <serviceBehaviors>
    <behavior name="DefaultBehavior">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true" />
      <serviceAuthorization principalPermissionMode="None" />
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />

控制台应用程序:

class Program
{
    static void Main(string[] args)
    {
        using (var client = new HttpClient())
        {
            HttpResponseMessage response = client.GetAsync("http://localhost:3522/ProfileService.svc/groups").Result;

            Console.WriteLine(response);
            Console.ReadLine();
        }
    }
}

WCF项目的IIS配置

Always Start When Debugging: True
Anonymous Authentication: Enabled
Managed Pipeline Mode: Intergrated
SSL Enabled: True
SSL URL: localhost:44300
URL: localhost:3522
Windows Authentication: Enabled

1 个答案:

答案 0 :(得分:0)

我认为此服务尚未启用Windows身份验证模式。您可以尝试在IIS中启用Windows身份验证。

如果服务在IIS express上运行,则更改applicationhost.config(位于.. \ Documents \ IIS Express \ config)以启用Windows身份验证。

相关问题
最新问题