8 steps to enable windows authentication on WCF BasicHttpBinding

Questpond
Posted by in WCF category on for Advance level | Views : 14376 red flag

In this session we will go through basic 8 steps by which we can enable windows authentication security on ‘BasicHttpBinding’. There are two types of security you can define in WCF one is the transport level and the other is the message level. In this article we will discuss how we can define transport level security on ‘BasicHttpBinding’.


 Download source code for 8 steps to enable windows authentication on WCF BasicHttpBinding

8 steps to enable windows authentication on WCF BasicHttpBinding

 

Introduction and Goal

My other WCF FAQ articles

Step 1 Create WCF project

Step 2 :- Ensure authentication mode is windows

Step 3 :- Define the binding in web.config file

Step 4 Bind the bindings with service interface

Step 5 Ensure that anonymous access is disabled

Step 6 Host your WCF service on IIS

Step 7 Consume the WCF service

Step 8 Create the WCF client

Source code

 

Introduction and Goal
 

In this session we will go through basic 8 steps by which we can enable windows authentication security on ‘BasicHttpBinding’. There are two types of security you can define in WCF one is the transport level and the other is the message level. In this article we will discuss how we can define transport level security on ‘BasicHttpBinding’.

Now a days I am distributing my 400 questions and answers ebook which covers major .NET related topics like WCF,WPF,WWF,Ajax,Core .NET,SQL Server,Architecture and lot lot more. I am sure you will enjoy this ebook.
http://www.questpond.com/SampleDotNetInterviewQuestionBook.zip

 

My other WCF FAQ articles
 

http://www.dotnetfunda.com/articles/article221.aspx   to see Windows Communication Framework (WCF) - Part 1

http://www.dotnetfunda.com/articles/article222.aspx  to see Windows Communication Framework (WCF) - Part 2

http://www.dotnetfunda.com/articles/article343-wcf-tracing-faq.aspx  to see WCF Tracing FAQ

 

Step 1 Create WCF project
 

Create a project of WCF service application as shown in the below figure.
 

By default the WCF project creates a class file which has ‘GetData’ function. This function takes in a number values and displays a explanatory sentence like ‘You entered 1 value’ , in case you have entered ‘1’.
 

public class Service1 : IService1
{
public string GetData(int value)
{
return string.Format("You entered: {0}", value);
}
}

Step 2 :- Ensure authentication mode is windows
 

When we create a WCF service application it also has a web.config file associated with it. So open the web.config file and ensure that authentication mode is windows.
 

<authentication mode="Windows" />

Step 3 :- Define the binding in web.config file
 

The third step is to define the bindings and the transport type. To define the bindings we need to enter ‘basicHttpBinding’ element inside the ‘bindings’ XML tag. We also need to define the ‘clientCredentialType’ as windows.
 

<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
.........
.........
</system.serviceModel>

Step 4 Bind the bindings with service interface

 

Now the bindings defined needs to be associated with a service interface i.e. ‘service1’. So we need to modify the services elements as shown below. You can note that we have defined an end point which has the binding association.

<system.serviceModel>
........
........
........
<services>
<service behaviorConfiguration="WCFWindowsBasicHttpBinding.Service1Behavior" name="WCFWindowsBasicHttpBinding.Service1">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding"
name="BasicHttpEndpoint" contract="WCFWindowsBasicHttpBinding.IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service>
</services>
.........
.........
.........
.........
</system.serviceModel>

So over all your <system.serviceModel> XML part as whole with bindings and services is a shown below.
 

<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WCFWindowsBasicHttpBinding.Service1Behavior" name="WCFWindowsBasicHttpBinding.Service1">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding"
name="BasicHttpEndpoint" contract="WCFWindowsBasicHttpBinding.IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFWindowsBasicHttpBinding.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

Step 5 Ensure that anonymous access is disabled
 

Go to IIS properties and click on security tab and ensure that anonymous access is disabled and only windows authentication is enabled.
 

Step 6 Host your WCF service on IIS
 

We need to host our service in the IIS. So make the directory as an IIS application so that your service can be hosted. Now if you try to browse the service i.e. the SVC file you will see that it pops up the authentication authorization security dialog box. So this service cannot be executed with windows authentication.
 

Step 7 Consume the WCF service
 

So let’s consume this WCF services. So add an ASP.NET webapplication and do a add webreference. You will be popped up with a dialog box as shown below. Click on add reference so that a proxy is generated for the WCF service.

Step 8 Create the WCF client
 

Type in the following code snippet in your page load. So add the namespace reference and call the method ‘GetData’. The most important step to note is the credential supplied. ‘DefaultCredentials’ passes the current windows identity to the WCF service.
 

If you execute the service you should get the following display as shown below.

You can try commenting the below code in your client in other words we are not passing any credentials.
 

obj.Credentials = System.Net.CredentialCache.DefaultCredentials;

Now if you execute you should get the below error stating that this is an unauthorized call.

Source code
 

Get the source code at the top of this article.
 


 

Page copy protected against web site content infringement by Copyscape

Login to vote for this post.

Comments or Responses

Login to post response

Comment using Facebook(Author doesn't get notification)