locked
WCF services in ISAPI folder RRS feed

  • Question

  • Hello,

    I have two wcf services in my ISAPI folder. Both are enabled for windows auth (kerberos) and both work fine (connecting to sql server instances to other machines etc)

    There is one issue here. When one service connects to another, the user falls back to the user running the app pool.

    Is this a common or known issue in SharePoint? I checked my configuration and all seems fine


      <system.serviceModel>
          <client>
            <endpoint
              name="MyDataServiceConfiguration"
              binding="basicHttpBinding"
              bindingConfiguration="basicHttpBinding"
              behaviorConfiguration="defaultClientBehavior"
              contract="WcfTest.IService" />
          </client>
        
        <behaviors>
          <endpointBehaviors>
            <behavior name="defaultClientBehavior">
              <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
              <clientCredentials>
                <windows allowedImpersonationLevel="Delegation" />
                <httpDigest impersonationLevel="Delegation" />
              </clientCredentials>
            </behavior>
          </endpointBehaviors>
          <serviceBehaviors>
            <behavior name="standardBehavior">
              <serviceMetadata httpGetEnabled="false" />
              <serviceAuthorization impersonateCallerForAllOperations="true" />
              <serviceDebug includeExceptionDetailInFaults="false" />
              <dataContractSerializer maxItemsInObjectGraph="2147483647" />
              <serviceCredentials>
                <windowsAuthentication includeWindowsGroups="true"
                                       allowAnonymousLogons="false" />
              </serviceCredentials>
            </behavior>
          </serviceBehaviors>
        </behaviors>
        
        <!--TODO: use transport clientCredentialType="Ntlm" in non kerberos situations -->
        <bindings>
          <basicHttpBinding>
            <binding name="basicHttpBinding"
                     maxReceivedMessageSize="2147483647"
                     maxBufferSize="2147483647" >
              <readerQuotas maxArrayLength="2147483647"
                            maxStringContentLength="2147483647" />
              <security mode="TransportCredentialOnly">
                <transport clientCredentialType="Windows"
                           proxyCredentialType="None" />
              </security>
            </binding>
          </basicHttpBinding>
        </bindings>
        
        <services>
          <!--Client Data Service-->
          <service name="WcfTest.Service"
                   behaviorConfiguration="standardBehavior">
            <endpoint
              address=""
              binding="basicHttpBinding"
              bindingConfiguration="basicHttpBinding"
              name="ClientDataService"
              contract="WcfTest.IService">
              <identity>
                <userPrincipalName value="moss@hq.internal.cns.nl" />
              </identity>
            </endpoint>
          </service></services><system.serviceModel> 


    Monday, November 21, 2011 12:57 PM

All replies

  • This config is located next to the svc file in the ISAPI folder
    Tuesday, November 22, 2011 8:34 AM
  • I just found out my synchronous methods work, the async implementation does kind of fail in delegation.

    I now try to find out what causes this, if one of you knows a direct solution, you're welcome

    Tuesday, November 22, 2011 12:25 PM