none
Windows Authentication between WCF service & SQL Server RRS feed

  • Question

  • Hi,

    We have a WCF service with net tcp binding using windows authentication hosted on Server A and SQL database on server B. Both servers are in intranet. We need to implement Windows authentication between WCF service & SQL server.

    Can anybody explain the stpes for achieving the same.

    Thanks.

    Saturday, November 13, 2010 2:02 PM

Answers

  • Hi,

    I think we have figured out some way..

    We have done following changes:

    1. A domain user is created & added to the SQL Server Database

    2. Connection string is changed to

    <appSettings>

    <add key ="ConnectionString" value ="Data Source=<Server name>; Initial Catalog=<Database Name>; Integrated Security=SSPI;"/>

    </appSettings>

    3. Added userPrincipalName attribute in the config file of WCF service & hence in the config file of Windows service as: <userPrincipalName value="User@Domain"/>

    4. When service gets installed, it gets installed with default user account as Local System/Network Service. In the Service properties window in "Log On" tab, we changed "Log On as" to "This Account" & put user name as "Domain@User" & put passwords in the below mentioned text boxes.

    Thses changes enabled us to get Windows Authentication work between WCF service & SQL Server database.

    Thanks.

    • Marked as answer by Yi-Lun Luo Wednesday, December 1, 2010 9:29 AM
    Wednesday, December 1, 2010 9:24 AM

All replies

  • Amit,

    To impliment windows authentication with net tcp binding.. you can find the detailed steps in following link.

    http://msdn.microsoft.com/en-us/library/ff647180.aspx

    Thanks,

    Prabhas

     

     

    • Proposed as answer by Rahul P Nath Saturday, November 13, 2010 7:03 PM
    Saturday, November 13, 2010 6:05 PM
  •  

    I have already implemented WCF service with net tcp binding & windows authentication. I wanted to know whether any settings are required to achieve windows authentication between WCF service on server A & SQL database on server B. What I am looking for is steps that need to be followed for making any settings or changes at WCF side or SQL server side to achieve windows authentication between the two.

    Thanks. 

    Saturday, November 13, 2010 7:47 PM
  • Hello, most likely you're encountering a double hop issue. You can refer to http://blogs.msdn.com/b/securitytools/archive/2009/11/04/double-hop-windows-authentication-with-iis-hosted-wcf-service.aspx for a solution.
    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    • Marked as answer by Yi-Lun Luo Monday, November 22, 2010 2:08 AM
    • Unmarked as answer by Amit Gadre Monday, November 22, 2010 3:21 AM
    Tuesday, November 16, 2010 7:28 AM
  • We are using Windows service to host our WCF service with net tcp binding & Windows Authentication.

    Does anybody has got any idea about the implementation of the above mentioned scenario...???

    Thanks.

    Monday, November 22, 2010 9:41 AM
  • Hi,

    In the above replies you can see steps for implementation for the NET TCP binding. And you also said that you have already implemented the net tcp binding & windows authentication.

    Can you tell what is the problem you are facing ? any error ? any config issues ? 

     

    Thanks,

    Prabhas


    Please mark posts as answers/helpful if it answers your question
    Monday, November 22, 2010 9:53 AM
  • Hi Prabhas,

    There are 2 scenarios,

    1. .NET client hits the service.

    2. Service hits SQL server.

    For first scenario we have implemented Windows Authentication where Service authenticates client by using windows authentication. That works fine.

    But for second scenario, WCF service has got a reference of a class library which connects to database using connection string in which we are passing hard coded user name & password values. This user is present in the SQL server users group. Hence it gets authenticated. But as per new requirement we do not want to send hard coded user name & password values & need to change this hard coded stuff with Windows Authentication between WCF service & SQL Server. We need to know what all things to be done in WCF service as well as SQL server to achieve this second requirement. Also, One domain user is created & it is added to the database.

    Thanks 

    • Edited by Amit Gadre Tuesday, November 23, 2010 12:13 PM
    Monday, November 22, 2010 10:43 AM
  • Have you gone through the above link? http://blogs.msdn.com/b/securitytools/archive/2009/11/04/double-hop-windows-authentication-with-iis-hosted-wcf-service.aspx

    In short, you need to enable delegation level impersonation.


    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    Tuesday, November 23, 2010 6:04 AM
  • Hi,

    I think we have figured out some way..

    We have done following changes:

    1. A domain user is created & added to the SQL Server Database

    2. Connection string is changed to

    <appSettings>

    <add key ="ConnectionString" value ="Data Source=<Server name>; Initial Catalog=<Database Name>; Integrated Security=SSPI;"/>

    </appSettings>

    3. Added userPrincipalName attribute in the config file of WCF service & hence in the config file of Windows service as: <userPrincipalName value="User@Domain"/>

    4. When service gets installed, it gets installed with default user account as Local System/Network Service. In the Service properties window in "Log On" tab, we changed "Log On as" to "This Account" & put user name as "Domain@User" & put passwords in the below mentioned text boxes.

    Thses changes enabled us to get Windows Authentication work between WCF service & SQL Server database.

    Thanks.

    • Marked as answer by Yi-Lun Luo Wednesday, December 1, 2010 9:29 AM
    Wednesday, December 1, 2010 9:24 AM
  • Hi Prabhas,

    There are 2 scenarios,

    1. .NET client hits the service.

    2. Service hits SQL server.

    For first scenario we have implemented Windows Authentication where Service authenticates client by using windows authentication. That works fine.

    But for second scenario, WCF service has got a reference of a class library which connects to database using connection string in which we are passing hard coded user name & password values. This user is present in the SQL server users group. Hence it gets authenticated. But as per new requirement we do not want to send hard coded user name & password values & need to change this hard coded stuff with Windows Authentication between WCF service & SQL Server. We need to know what all things to be done in WCF service as well as SQL server to achieve this second requirement. Also, One domain user is created & it is added to the database.

    Thanks 

    Same scenario I am facing do you any solution for it?. Please share it with me... 

    Manjunath

    Monday, March 5, 2012 12:15 PM