我有一个Windows窗体应用程序调用"商务" WCF服务。让我们称之为Business1。 Business1然后调用Service1 - 我希望客户端的凭据通过Busines1流入Service1。
目前我的身份验证失败"来自Busines1 - 呼叫甚至没有进入第二次服务。
我已按如下方式配置此服务:
商业1配置:
<system.serviceModel>
<client>
<endpoint address="http://cdm/ecm/DocumentManagement.svc" binding="wsHttpBinding"
bindingConfiguration="ConversantDocumentManagement" contract="ECM.IDocumentManagement" behaviorConfiguration="DelegationBehavior"
name="ConversantDocumentManagement">
</endpoint>
</client>
<services>
<service name="Conversant.Applications.Services.Prosecution.ProsecutionService" behaviorConfiguration="ProsecutionServiceBehavior" >
<endpoint address="" binding="wsHttpBinding" name="ConversantProsecutionServiceEndpoint" contract="Conversant.Applications.Services.Prosecution.IProsecutionService" bindingConfiguration="ConversantProsecutionBinding"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="ConversantProsecutionBinding" maxReceivedMessageSize="2147483647">
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" />
</security>
</binding>
<binding name="ConversantDocumentManagement">
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ProsecutionServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceAuthorization impersonateCallerForAllOperations="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="DelegationBehavior">
<clientCredentials>
<windows allowedImpersonationLevel="Delegation" allowNtlm="true" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<!--<add binding="basicHttpsBinding" scheme="https"/>
<add binding="wsHttpBinding" scheme="https"/>-->
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
Service1配置:
<system.serviceModel>
<services>
<service behaviorConfiguration="ECMServiceBehavior" name="Conversant.Applications.Services.ECM.Authentication">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_Authentication"
name="ConversantDocumentManagement" contract="Conversant.Applications.Services.ECM.IAuthentication" >
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
<service behaviorConfiguration="ECMServiceBehavior" name="Conversant.Applications.Services.ECM.DocumentManagement">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_DocumentManagement"
name="ConversantDocumentManagement" contract="Conversant.Applications.Services.ECM.IDocumentManagement">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_DocumentManagement" receiveTimeout="00:05:00"
maxReceivedMessageSize="2147483647" />
<binding name="BasicHttpBinding_Authentication" />
<binding name="BasicHttpBinding_ContentService" messageEncoding="Mtom" />
<binding name="ECMServer_NoAuth" maxReceivedMessageSize="2147483647"
transferMode="Streamed">
<security mode="None" />
</binding>
<binding name="AuthenticationPortBinding" />
</basicHttpBinding>
<wsHttpBinding><binding name="wsHttpBinding_DocumentManagement" receiveTimeout="00:05:00"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" >
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true"/>
</security>
</binding>
<binding name="wsHttpBinding_Authentication">
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ECMServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceAuthorization impersonateCallerForAllOperations="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="myBehavior">
<clientCredentials>
<windows allowedImpersonationLevel="Impersonation" allowNtlm="true" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
最后为了完成,Windows窗体客户端(好吧,它现在实际上是一个单元测试客户端 - 但同样的想法)
客户端配置:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="ConversantProsecutionServiceEndpoint" openTimeout="00:03:00"
receiveTimeout="00:05:00" sendTimeout="00:05:00">
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://cdm/prosecution/ProsecutionService.svc"
binding="wsHttpBinding" bindingConfiguration="ConversantProsecutionServiceEndpoint"
contract="ProsecutionService.IProsecutionService" name="ConversantProsecutionServiceEndpoint" behaviorConfiguration="DelegationBehavior">
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="DelegationBehavior">
<clientCredentials>
<windows allowedImpersonationLevel="Delegation" allowNtlm="true" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
我希望从Business1到Service1的调用在当前登录的用户下完成。
domain \ johndoe应该是用户一直通过电话。
任何人都有使用WCF进行模拟/委派示例的链接?
谢谢!
答案 0 :(得分:0)
如果存在多跳请求,并且您希望将Windows凭据从一个服务器传递到另一个服务器,则必须设置&#34;服务主体名称(SPN)&#34;和&#34;委托请求&#34;。
如果您不这样做,则无法在多跳环境中传入登录的用户凭据。