SharePoint 2010自定义WCF服务 - Windows和FBA身份验证

时间:2011-02-09 15:33:35

标签: sharepoint-2010 forms-authentication wcf-security windows-authentication

我为 Windows 基于表单的身份验证(FBA)配置了 SharePoint 2010 基于声明的身份验证对于外部用户。我还需要开发自定义WCF服务。问题是我希望Windows凭据传递到WCF服务;但是,我似乎无法将Windows凭据传递到服务中。我的自定义WCF服务似乎使用匿名身份验证(必须在IIS中启用才能显示FBA登录屏幕)。

我试图关注的示例位于http://msdn.microsoft.com/en-us/library/ff521581.aspx

WCF服务部署到_vti_bin(ISAPI文件夹)。

以下是.svc文件的代码

<%@ ServiceHost Language="C#" Debug="true" 
Service="MyCompany.CustomerPortal.SharePoint.UI.ISAPI.MyCompany.Services.LibraryManagers.LibraryUploader, $SharePoint.Project.AssemblyFullName$" 
Factory="Microsoft.SharePoint.Client.Services.MultipleBaseAddressBasicHttpBindingServiceHostFactory, Microsoft.SharePoint.Client.ServerRuntime, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
CodeBehind="LibraryUploader.svc.cs" %>

以下是.svc文件背后的代码

[ServiceContract]
public interface ILibraryUploader
{
    [OperationContract]
    string SiteName();    }

[BasicHttpBindingServiceMetadataExchangeEndpoint]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class LibraryUploader : ILibraryUploader
{
    //just try to return site title right now…
    public string SiteName()
    {
        WindowsIdentity identity = ServiceSecurityContext.Current.WindowsIdentity;

        ClaimsIdentity claimsIdentity = new ClaimsIdentity(identity);

        return SPContext.Current.Web.Title;
    }
     }

我刚刚测试它的WCF测试客户端(WPF应用程序)使用以下代码来调用WCF服务... 

private void Button1Click(object sender, RoutedEventArgs e)
    {
        BasicHttpBinding binding = new BasicHttpBinding();
        binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;

        EndpointAddress endpoint =
            new EndpointAddress(
                "http://dev.portal.data-image.local/_vti_bin/MyCompany.Services/LibraryManagers/LibraryUploader.svc");

        LibraryUploaderClient libraryUploader = new LibraryUploaderClient(binding, endpoint);
        libraryUploader.ClientCredentials.Windows.AllowedImpersonationLevel =
            System.Security.Principal.TokenImpersonationLevel.Impersonation;

        MessageBox.Show(libraryUploader.SiteName());
    }

对于声明并尝试同时使用Windows和FBA,我对IIS安全设置/配置缺乏经验。对于安全性的WCF配置,我也缺乏经验。我经常开发内部商务应用程序,让Visual Studio决定使用什么,因为安全性很少受到关注。

1 个答案:

答案 0 :(得分:0)

我想我找到了答案。关键是创建一个web.config文件并部署在与.svc文件相同的文件夹中。 web.config文件需要指定绑定以使用“ wsHttpBinding ”而不是“ basicHttpBinding ”。我还删除了.svc声明中的Factory属性和类上的BasicHttpBindingServiceMetadataExchangeEndpoint属性。

相关问题
最新问题