none
WCF Windows authentication RRS feed

  • Question

  • Hi everybody, hope you're all fine.

    Quick question about WCF implementation. Let's consider the following service contract and its implementation.

    How can I secure it ? I want this web service shows a credentials prompt dialog box if the connected user is not authenticated.
    It's also important to me to keep being able to return json data from WebOperationContext.Current.GetTextResponse ...

        [ServiceContract]
        public interface IDataServer
        {
            [OperationContract]
            [WebGet()]
            Message AssetUpdate(string name, string model, string sn);
    
            [WebGet()]
            Message GetItem(string type, string key, string value);
        }
    
                    var dataServerUri = new Uri(String.Format("http://{0}/DataServer", ServerAlias));
                    var dataServerPublisher = new WebServiceHost(typeof(DataServer), dataServerUri);
                    SetChannelMessages(dataServerPublisher, dataServerUri.AbsoluteUri);
                    var binding3 = new WebHttpBinding();
                    //binding3.Security.Mode = WebHttpSecurityMode.Transport;
                    //binding3.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
                    dataServerPublisher.AddServiceEndpoint(typeof(IDataServer), binding3, String.Empty);
                    dataServerPublisher.Description.Endpoints[0].EndpointBehaviors.Add(new WebHttpBehavior());
                    dataServerPublisher.Open();
    
    If I'm uncomment the 2 lines, service won't open.

    The operation 'AssetUpdate' could not be loaded because it has a parameter or return type of type System.ServiceModel.Channels.Message or a type that has MessageContractAttribute and other parameters of different types. When using System.ServiceModel.Channels.Message or types with MessageContractAttribute, the method must not use any other types of parameters.

    Can you please help me to understand what's wrong ?

    Thank you in advance.

    Wednesday, May 2, 2018 9:59 PM

All replies

  • Hi nicolasC,

    >> I want this web service shows a credentials prompt dialog box if the connected user is not authenticated.

    No, it is impossible to show a credential prompt dialog. The client will receive unauthorized error instead of credential prompt if the user is not authenticated.

    >> The operation 'AssetUpdate' could not be loaded

    As the error indicates, I suggest you change “Message” return type to model class.

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, May 3, 2018 1:31 AM
  • Ho Tao,

    Thank you for your reply.

    Quick other question, can it work if I pass credentials in my request (Inside headers for example) ?

    Saturday, May 5, 2018 10:48 AM
  • Yes, you could pass the credential inside the header.

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, May 7, 2018 3:07 AM