Preface:
The "How to Implement username authentication process based on message/transmission security authentication mechanism" section describes how to perform Username Authentication in message security mode, this article will continue to introduce Windows authentication, an external authentication mechanism supported by WCF.
Message security mode and transport security mode both support Windows authentication. Of course, the premise for Supporting windows verification is that both the WCF Service and the WCF client must be in the domain. In this way, when the client requests, the server can map the client identity to the corresponding Windows Account (Kerberos or NTLM) in the domain ).
Body:
The definition of the WCF Service type is still defined in the previous article. To seeProgramWe will slightly modify the servicetype constructor as follows:
Code
[Servicebehavior (instancecontextmode = Instancecontextmode. persession)]
Public Class Mymath: imymath
{
Public Mymath ()
{
System. Security. Principal. windowsidentity identity = System. servicemodel. servicesecuritycontext. Current. windowsidentity;
If (Identity ! = Null )
{
Console. writeline ( " Welcome: {0} " , Identity. Name );
Console. writeline ( " Mymath constructor is called " );
}
}
Public Int Sum ( Int X, Int Y)
{
Return X + Y;
}
}
The role is very simple. When the client identity can be mapped to the corresponding Windows Account, the current user name is displayed on the server.
Windows Authentication Mode configAs follows:
Modify the security in binding to Windows as follows:
Code
< Bindings >
< Wshttpbinding >
< Binding name = " Newbinding0 " >
< Security >
< Message clientcredentialtype = " Windows " />
</ Security >
</ Binding >
</ Wshttpbinding >
</ Bindings >
Create a client program and run the client after the WCF Service is started. You can see that the client identity is correctly mapped to a Windows domain account.
The results of the running server are as follows:
No verification (none) Configuration:
Code
< Bindings >
< Wshttpbinding >
< Binding name = " Newbinding0 " >
< Security >
< Message clientcredentialtype = " None " Negotiateservicecredential = " False " />
</ Security >
</ Binding >
</ Wshttpbinding >
</ Bindings >
The running result is as follows: