WCF header access token

Question

User686683308 posted

Dear all programmer !

when client request to my wcf url they need to login with header if username and password are wrong they can not use my wcf service 

Have any resource please help share me !

Answer 1

User-330142929 posted

Hi UnVandy,
You could authenticate the client via windows identity,
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/authentication-in-wcf
I have made a demo, wish it is useful to you.
Server.

class Program
{
static void Main(string[] args)
{
Uri uri = new Uri("http://localhost:900");
WebHttpBinding binding = new WebHttpBinding();
binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
using (ServiceHost sh = new ServiceHost(typeof(MyService), uri))
{
ServiceEndpoint se = sh.AddServiceEndpoint(typeof(IService), binding, uri);
se.EndpointBehaviors.Add(new WebHttpBehavior());
ServiceMetadataBehavior smb;
smb = sh.Description.Behaviors.Find<ServiceMetadataBehavior>();
if (smb==null)
{
smb = new ServiceMetadataBehavior()
{
HttpGetEnabled = true
};
sh.Description.Behaviors.Add(smb);
}
Binding mexbinding = MetadataExchangeBindings.CreateMexHttpBinding();
sh.AddServiceEndpoint(typeof(IMetadataExchange), mexbinding, "mex");
sh.Open();
Console.WriteLine("Service is ready");

Console.ReadLine();
sh.Close();
}
}
}
[ServiceContract]
public interface IService
{
[OperationContract]
[WebGet]
string SayHello();
}
public class MyService : IService
{
public string SayHello()
{
return "Hello Friend";
}
}

Result.

Best Regards

Abraham

Answer 2

User686683308 posted

I mean that when user request to my wcf service like http://localhost:50961/Service.svc it will show login form to authentication it is not when user request to url of method.

so if user input right username and password they will see and can use all my operation contract or method that have in my service 

Thank for your help hope you can explain me again 

i am waiting your answer Abraham Qian

Answer 3

User-330142929 posted

Hi,

The  SVC address is used to publish metadata address by default. If you want to protect the metadata, you can disable publishing the metadata. WCF authentication framework is the protection of WCF services, these two ideas are a little similar, but the client authentication does not include metadata page. It is impossible that we achieve it via framework itself.

Best Regards

Abraham

Answer 4

User686683308 posted

Hello,

I mean when user request to my wcf service or svc file it will show pop up dialog to login with username and password 

Thank sir 

Answer 5

User-330142929 posted

Hi UnVandy,

Yes, you could. Please refer to the above code, it will show the login dialog when you first access the website whose base address is http://10.157.13.69:900,

If you host the WCF service on the IIS, It corresponds to the IIS authentication mode.

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831496(v=ws.11)#Impersonation

Best Regards

Abraham

Answer 6

User686683308 posted

Dear Abraham Qian,

Thank you so much for your answer finally my wcf work with authentication by enable basic authentication and window authentication

Thank you !