none
WCF Windows Authenticated Single Host Multiple Endpoint AD Restriction RRS feed

  • Question

  • Hi

    I have a one service host which has multiple endpoints.

    Endpoint A-->Has Windows Authentication

    EndpointB-->Has Anonymous Authentication(Token Based Security)

    I want to restrict specific user or group for windows authentication endpoint 

    how can I do that 

    Regards

    Thursday, December 14, 2017 6:33 AM

Answers

All replies

  • Hi Bilgehan,

    >> I want to restrict specific user or group for windows authentication endpoint

    For this requirement, you could check the User in the method by OperationContext.ServiceSecurityContext.WindowsIdentity.Name, if the user is restricted, you could return “Access Defined”.

    In addition, if there is no other issue for the first issue in below thread, I would suggest you mark the solution as answer to close previous thread.

    # WCF Windows Authenticated Endpoint

    https://social.msdn.microsoft.com/Forums/en-US/52e18cfa-e7bd-438f-91d1-9ae63723c37d/wcf-windows-authenticated-endpoint?forum=wcf

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Friday, December 15, 2017 5:24 AM
  • you mean customizating ServiceAuthenticationManager  or ServiceAuthorizationManager classes?Am I right,

    for authentication I am thinking about these feature with customazing ServiceAuthenticationManager  and if unwanted user want to access windows authenticated endpoint ,throw exception in custom ServiceAuthenticationManager?What is your suggesttion about that?

     
    Friday, December 15, 2017 6:08 AM
  • Hi Bilgehan,

    The code I used is below:

            public string GetData(int value)
            {
                var user = OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Name;
                if (user == "accept user")
                {
                    return "login successfully";
                }
                else
                {
                    return "login failed";
                }
                return string.Format("You entered: {0}", value);
            }
    

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Friday, December 15, 2017 6:51 AM
  • This is operation based but I want to do it for all service.I mean authentication.

    What is your suggestion about creatin customServiceAuthenticationManager  ?

    Friday, December 15, 2017 8:47 AM
  • Hi Bilgehan,

    If you need custom ServiceAuthenticaitonManager, I suggest you refer link below:

    # Custom Authentication and Security for Routing Service of WCF 4.0

    https://www.codeproject.com/Articles/458473/Custom-Authentication-and-Security-for-Routing-Ser

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, December 18, 2017 5:26 AM