c# - WCF Service Authorizing with Active Directory - Access Denied Error -


i have question around wcf authorization against domain account on http traffic hosted on iis (none production no ssl cert available use on internet)

i'd know how set windows authentication client web service. i'm testing on same lan proxies not problem

i have included list of tried steps @ end of post

edit: error occurring access denied, nothing else, given try, catch in client application. if there way more detailed information, please let me know , ill add result post.

wcf service code:

[aspnetcompatibilityrequirements(requirementsmode = aspnetcompatibilityrequirementsmode.allowed)]    servicebehavior(instancecontextmode = instancecontextmode.single, concurrencymode = concurrencymode.single, includeexceptiondetailinfaults = true)]      public class data : idata     {         [principalpermission(securityaction.demand, role=@"administrators")]          public list<incident> getcases()         {                          queries query = new queries();              list<incident> ilist = query.callcases();              return ilist;           }    }

wcf web config bindings:

<wshttpbinding>     <binding name="transportsecurity">         <security mode="none">             <message clientcredentialtype="windows" algorithmsuite="default"/>         </security>     </binding> </wshttpbinding>

wcf web config behavior:

<behavior name="behaviour1">     <servicemetadata httpgetenabled="true" httpgeturl=""/>     <servicedebug includeexceptiondetailinfaults="true" />     <userequestheadersformetadataaddress>         <defaultports>             <add scheme="http" port="9577" /> ///this port correct         </defaultports>     </userequestheadersformetadataaddress> </behavior>

wcf web config service:

<service behaviorconfiguration="behaviour1" name="webservice1.data">     <endpoint address="" binding="wshttpbinding" bindingconfiguration="transportsecurity" contract="webservice1.idata">          <identity>               <dns value="demo.domainname.co.uk" />          </identity>     </endpoint>     <endpoint address="mex" binding="mexhttpbinding" contract="imetadataexchange" /> </service>

client application (has service reference added)

            dataclient client = new dataclient();          appdomain.currentdomain.setprincipalpolicy(principalpolicy.windowsprincipal);         principalpermission principalperm = new principalpermission(null, "administrators");         principalperm.demand();         console.writeline("demand succeeded.");          client.clientcredentials.windows.clientcredential.domain = "domain name";         client.clientcredentials.windows.clientcredential.username = "user account";         client.clientcredentials.windows.clientcredential.password = "password";          //client.clientcredentials.username.username = @"useraccount@domain.com";         //client.clientcredentials.username.password = "password";         //client.clientcredentials.useidentityconfiguration = true;          try         {             list<incident> cases = client.getcases().tolist();              foreach (incident inc in cases)             {                 console.writeline(inc.caseid);             }          }          catch (exception ex)         {             console.writeline(ex.message);         }

attempted resolutions:

  • using domain , local users
  • modifying client credential type basic, ntlm , windows
  • using setting iis use
  • iis has basic , windows authentication enabled

if need more information please don't hesitate ask.

thanks can provide

@tim pointed me in right direction, resolution:

<wshttpbinding> <binding name="transportsecurity">     <security mode="message">         <message clientcredentialtype="windows" algorithmsuite="default"/>     </security> </binding> </wshttpbinding>

because have no ssl certificate needed set security mode message, getting confused people test using ssl, require transport security had set none testing.

thanks tim


Comments

Post a Comment

Popular posts from this blog

javascript - AngularJS custom datepicker directive -

i make custom datepicker directive custom template. but have no idea how start building it... how include date data directive? i appreciate guide or give me advice work on more precisely. it might you! follow below steps html code sample: <label>birth date</label> <input type="text" ng-model="birthdate" date-options="dateoptions" custom-datepicker/> <hr/> <pre>birthdate = {{birthdate}}</pre> <script type="text/ng-template" id="custom-datepicker.html"> <div class="enhanced-datepicker"> <div class="proxied-field-wrap"> <input type="text" ui-date-format="yy-mm-dd" ng-model="ngmodel" ui-date="dateoptions"/> </div> <label> <button class="btn" type="button"><i class="icon-calendar"></i>
Read more

javascript - jQuery date picker - Disable dates after the selection from the first date picker -

<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>jquery ui datepicker - default functionality</title> <link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css"> <script src="//code.jquery.com/jquery-1.10.2.js"></script> <script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script> <link rel="stylesheet" href="/resources/demos/style.css"> <script> $(function () { $("#datepicker1").datepicker(); }); </script> <script> $(function () { $("#datepicker2").datepicker(); }); </script> </head> <body> <p>date 1: <input type="text" id="datepicker1"></p> <p>date 2: <input type="t
Read more