Le réseau pour les développeurs >
Forums - Accueil
>
AppFabric
>
Enabling Windows Authentication in REST services?
Enabling Windows Authentication in REST services?
- I'm implementing a set of REST services using the ServiceHostFactory approach described in Flanders' _Restful.NET_ book (Chapter 5); however the default binding supports only anonymous login to IIS and I must disable Windows Integrated Auth. to get it to work under IIS. I'm trying to figure out how to enable Windows Authentication on the endpoint, but I'm starting with a WebServiceHost instance and don't see how to get at the Endpoint(s) associated with the host. Is it already too late once the host is created? Is there some magic I can use to change the authentication method? Here's my svc file:
Thanks in advance.<%@ ServiceHost Language="C#" Debug="true" Service="PMSAWebServices.Service" Factory="PMSAWebServices.AppServiceHostFactory"%> using System; using System.ServiceModel; using System.ServiceModel.Activation; using Microsoft.ServiceModel.Web.SpecializedServices; namespace PMSAWebServices { class AppServiceHostFactory : WebServiceHostFactory { protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses) { System.ServiceModel.Web.WebServiceHost serviceHost = base.CreateServiceHost(serviceType, baseAddresses) as System.ServiceModel.Web.WebServiceHost; return serviceHost; } } }
Bill
Bill Cohagan
Réponses
- So you're working with normal WCF. In this case, it is better to post your question in the WCF forum. This forum is for .NET Services questions.
Anyway, you can enable Windows authentication in a normal WCF REST service by the following configuration:
<
bindings>
<
webHttpBinding>
<
binding name="webBinding">
<
security>
<
transport clientCredentialType="Windows"/>
</
security>
</
binding>
</
webHttpBinding>
</
bindings>
Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.- Marqué comme réponseBill Cohagan jeudi 16 juillet 2009 20:29
Toutes les réponses
- Hello, are you using service bus? If you're using service bus, currenlty there's no support for Windows Authentication. The only workaround is to use federation. You deploy a Geneva Server in your company, and add the Geneva Server as a trusted issuer to ACS. Then services hosted on service bus will be able to use ACS to authenticate the client.
By the way, service bus does not support svc, so you can't use WebServiceHostFactory. You just create a normal ServiceHost. The listener is on the cloud, not on your local machine. It is only the messages are relayed to your local machine for processing. Even with a normal WCF REST service, WebServiceHostFactory is generally only used in scenarios where you can't use configuration files (for example, the services are constructed dynamically). When hosting a normal WCF service using WebHttpBinding, in most scenarios, it is recommended to use web.config. Windows authentication is supported in the normal WebHttpBinding. But the security for WebHttpBinding is only supported on the transport level, not the message level.
Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.- Marqué comme réponseYi-Lun LuoMSFT, Modérateurvendredi 10 juillet 2009 09:28
- Non marqué comme réponseBill Cohagan vendredi 10 juillet 2009 17:50
Hello, are you using service bus? If you're using service bus, currenlty there's no support for Windows Authentication. The only workaround is to use federation. You deploy a Geneva Server in your company, and add the Geneva Server as a trusted issuer to ACS. Then services hosted on service bus will be able to use ACS to authenticate the client.
By the way, service bus does not support svc, so you can't use WebServiceHostFactory. You just create a normal ServiceHost. The listener is on the cloud, not on your local machine. It is only the messages are relayed to your local machine for processing. Even with a normal WCF REST service, WebServiceHostFactory is generally only used in scenarios where you can't use configuration files (for example, the services are constructed dynamically). When hosting a normal WCF service using WebHttpBinding, in most scenarios, it is recommended to use web.config. Windows authentication is supported in the normal WebHttpBinding. But the security for WebHttpBinding is only supported on the transport level, not the message level.
Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
Thank you for your response and I apologize for taking so long to respond. Since I don't know what "service bus" and "Geneva Server" are I don't think I'm using them. I'm just setting up a REST service (per the book/chapter I referenced) and it all works fine (modulo the authentication problem described.) In this case the listener is in fact on my machine, not the cloud as I'm hosting the service using IIS.
So, I think perhaps you've misunderstood my problem.
Regards,
Bill
Bill Cohagan- So you're working with normal WCF. In this case, it is better to post your question in the WCF forum. This forum is for .NET Services questions.
Anyway, you can enable Windows authentication in a normal WCF REST service by the following configuration:
<
bindings>
<
webHttpBinding>
<
binding name="webBinding">
<
security>
<
transport clientCredentialType="Windows"/>
</
security>
</
binding>
</
webHttpBinding>
</
bindings>
Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.- Marqué comme réponseBill Cohagan jeudi 16 juillet 2009 20:29
- Thanks for the response. Sorry for the misdirection on using this forum. I actually found it without traversing the tree -- so didn't realize it was Azure specific.
Regards,
Bill
Bill Cohagan
