class Program
{
static void Main(string[] args)
{
Uri uri = new Uri("http://localhost:900");
WebHttpBinding binding = new WebHttpBinding();
binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
using (ServiceHost sh = new ServiceHost(typeof(MyService), uri))
{
ServiceEndpoint se = sh.AddServiceEndpoint(typeof(IService), binding, uri);
se.EndpointBehaviors.Add(new WebHttpBehavior());
ServiceMetadataBehavior smb;
smb = sh.Description.Behaviors.Find<ServiceMetadataBehavior>();
if (smb==null)
{
smb = new ServiceMetadataBehavior()
{
HttpGetEnabled = true
};
sh.Description.Behaviors.Add(smb);
}
Binding mexbinding = MetadataExchangeBindings.CreateMexHttpBinding();
sh.AddServiceEndpoint(typeof(IMetadataExchange), mexbinding, "mex");
sh.Open();
Console.WriteLine("Service is ready");
Console.ReadLine();
sh.Close();
}
}
}
[ServiceContract]
public interface IService
{
[OperationContract]
[WebGet]
string SayHello();
}
public class MyService : IService
{
public string SayHello()
{
return "Hello Friend";
}
}
Result.
Best Regards
Abraham
.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today.
I mean that when user request to my wcf service like http://localhost:50961/Service.svcit will show login form to authentication it is not when user request to url of method.
so if user input right username and password they will see and can use all my operation contract or method that have in my service
The SVC address is used to publish metadata address by default. If you want to protect the metadata, you can disable publishing the metadata. WCF authentication framework is the protection of WCF services, these two ideas are a little similar, but the client
authentication does not include metadata page. It is impossible that we achieve it via framework itself.
Best Regards
Abraham
.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today.
Yes, you could. Please refer to the above code, it will show the login dialog when you first access the website whose base address is
http://10.157.13.69:900,
If you host the WCF service on the IIS, It corresponds to the IIS authentication mode.
.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today.
Member
6 Points
21 Posts
WCF header access token
Nov 13, 2018 04:24 AM|UnVandy|LINK
Dear all programmer !
when client request to my wcf url they need to login with header if username and password are wrong they can not use my wcf service
Have any resource please help share me !
Member
740 Points
321 Posts
Re: WCF header access token
Nov 14, 2018 09:58 AM|Abraham Qian|LINK
Hi UnVandy,
You could authenticate the client via windows identity,
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/authentication-in-wcf
I have made a demo, wish it is useful to you.
Server.
class Program { static void Main(string[] args) { Uri uri = new Uri("http://localhost:900"); WebHttpBinding binding = new WebHttpBinding(); binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly; binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows; using (ServiceHost sh = new ServiceHost(typeof(MyService), uri)) { ServiceEndpoint se = sh.AddServiceEndpoint(typeof(IService), binding, uri); se.EndpointBehaviors.Add(new WebHttpBehavior()); ServiceMetadataBehavior smb; smb = sh.Description.Behaviors.Find<ServiceMetadataBehavior>(); if (smb==null) { smb = new ServiceMetadataBehavior() { HttpGetEnabled = true }; sh.Description.Behaviors.Add(smb); } Binding mexbinding = MetadataExchangeBindings.CreateMexHttpBinding(); sh.AddServiceEndpoint(typeof(IMetadataExchange), mexbinding, "mex"); sh.Open(); Console.WriteLine("Service is ready"); Console.ReadLine(); sh.Close(); } } } [ServiceContract] public interface IService { [OperationContract] [WebGet] string SayHello(); } public class MyService : IService { public string SayHello() { return "Hello Friend"; } }Result.
Best Regards
Abraham
Member
6 Points
21 Posts
Re: WCF header access token
Nov 15, 2018 03:48 AM|UnVandy|LINK
I mean that when user request to my wcf service like http://localhost:50961/Service.svc it will show login form to authentication it is not when user request to url of method.
so if user input right username and password they will see and can use all my operation contract or method that have in my service
Thank for your help hope you can explain me again
i am waiting your answer Abraham Qian
Member
740 Points
321 Posts
Re: WCF header access token
Nov 15, 2018 07:30 AM|Abraham Qian|LINK
Hi,
The SVC address is used to publish metadata address by default. If you want to protect the metadata, you can disable publishing the metadata. WCF authentication framework is the protection of WCF services, these two ideas are a little similar, but the client authentication does not include metadata page. It is impossible that we achieve it via framework itself.
Best Regards
Abraham
Member
6 Points
21 Posts
Re: WCF header access token
Nov 15, 2018 08:12 AM|UnVandy|LINK
Hello,
I mean when user request to my wcf service or svc file it will show pop up dialog to login with username and password
Thank sir
Member
740 Points
321 Posts
Re: WCF header access token
Nov 16, 2018 07:59 AM|Abraham Qian|LINK
Hi UnVandy,
Yes, you could. Please refer to the above code, it will show the login dialog when you first access the website whose base address is http://10.157.13.69:900,
If you host the WCF service on the IIS, It corresponds to the IIS authentication mode.
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831496(v=ws.11)#Impersonation
Best Regards
Abraham
Member
6 Points
21 Posts
Re: WCF header access token
Nov 19, 2018 02:46 AM|UnVandy|LINK
Dear Abraham Qian,
Thank you so much for your answer finally my wcf work with authentication by enable basic authentication and window authentication
Thank you !