我有一个silverlight 4应用程序,我需要客户端使用SSL保护的WCF服务并使用Windows身份验证。只有某个活动目录组的成员才能调用WCF服务。
这是我的web.config。使用当前配置,任何人都可以调用WCF服务。什么应该是正确的值?
谢谢, Kruvi
<configuration>
<system.diagnostics>
</system.diagnostics>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<customErrors mode="On" defaultRedirect="~\Errors\Error.htm">
<error statusCode="404" redirect="~\Errors\404.htm"/>
</customErrors>
</system.web>
<connectionStrings>
</connectionStrings>
<system.serviceModel>
<diagnostics>
</diagnostics>
<extensions>
<behaviorExtensions>
<add name="silverlightFaults"
type="ZCUtils.SilverlightFaultBehavior, ZCUtils, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
</behaviorExtensions>
</extensions>
<behaviors>
<endpointBehaviors>
<behavior name="SilverlightFaultBehavior">
<silverlightFaults />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ZCBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBindingSsl" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647">
<security mode="Transport" />
</binding>
</basicHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true" />
<services>
<service name="ZC.Web.Services.ZCServices" behaviorConfiguration="ZCBehavior">
<endpoint address="" behaviorConfiguration="SilverlightFaultBehavior"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBindingSsl"
contract="ZC.Web.Services.ZCServices" />
</service>
</services>
</system.serviceModel>
</configuration>
答案 0 :(得分:1)
以下文章介绍了如何使用Windows身份验证为Silverlight客户端保护WCF服务:
http://msdn.microsoft.com/en-us/library/dd744835(v=vs.95).aspx
本文讨论使用PrincipalPermissionAttribute,它允许您使用组进行限制,可以调用特定的服务操作: