locked
WCF Windows authentication RRS feed

  • Question

  • User-56048866 posted

    I have a strange problem. I have created a WCF service that I use for a silverlight application.I have set the service to allow Windows Authentication and Anonymous authentication. 

    If I add a test.txt file in the service root it requires the authentication, but for the svc file in the same directory it is not ? Why is this? 

    The config looks like this. I have set up similar configs before without problems :(  

    <?xml version="1.0"?>
    <configuration>      
      <system.web>
        <authentication mode="Windows" />
        <authorization> <deny users="?" /> </authorization>
      </system.web>
     
        <system.serviceModel>
          <bindings>
            <basicHttpBinding>
              <binding name="BasicHttpEndpointBinding">
                <security mode="TransportCredentialOnly">
                  <transport clientCredentialType="Windows" />
                </security>
              </binding>
            </basicHttpBinding>
    
          </bindings>
          <services>
            <service name="TestDataService">
              <endpoint address="" binding="basicHttpBinding" contract="Test.DataService.ITestDataService" bindingConfiguration="BasicHttpEndpointBinding">
              </endpoint>
              
              <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
            </service>
          </services>
          <behaviors>
            <serviceBehaviors>
              <behavior>
               
                <serviceMetadata httpGetEnabled="False" />
               
                <serviceDebug includeExceptionDetailInFaults="False" />
              </behavior>
            </serviceBehaviors>
          </behaviors>
        </system.serviceModel>
    
    
    </configuration>
    

    Monday, February 24, 2014 10:20 AM

Answers

  • User-56048866 posted

    The problem was that my service did not include

    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]

    AspNetCompatibilityRequirementsMode is also needed in the config :)

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, February 27, 2014 3:46 AM

All replies

  • User-417640953 posted

    Thank you yullus for posting to asp.net forum.

    From your configuration, I see you set the iis authentication as the Windows model.

     <system.web>
        <authentication mode="Windows" />
        <authorization> <deny users="?" /> </authorization>
      </system.web>
    

    So if you request test.txt file without ptovide the window credentials, it surely deny your requestion.

    As for requesting the service file (.svc), I see your service security "TransportCredentialOnly" model with clientCredentialType="Windows".

     <binding name="BasicHttpEndpointBinding">
                <security mode="TransportCredentialOnly">
                  <transport clientCredentialType="Windows" />
                </security>
     </binding>
    

    I think when you call the service, client has provided currect window credentials, thus iss not deny your requestion.

    Making a Confirmation, you can set service security model as "none" and test if you can access the service.

    Thanks.

    Best Regards!

    Thursday, February 27, 2014 12:44 AM
  • User-56048866 posted

    The problem was that my service did not include

    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]

    AspNetCompatibilityRequirementsMode is also needed in the config :)

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, February 27, 2014 3:46 AM