Click here to Skip to main content
Click here to Skip to main content
Search within:



 
Comments & Discussions (29)

Eight steps to enable Windows authentication on WCF BasicHttpBinding

By , 9 May 2009
 

Table of contents

Introduction and goal

In this session, we will go through eight basic steps by which we can enable Windows authentication security on BasicHttpBinding. There are two types of security you can define in WCF: transport level and message level. In this article, we will discuss how we can define transport level security on BasicHttpBinding.

Nowadays I am distributing my 400 questions and answers ebook which covers major .NET related topics like WCF, WPF, WWF, AJAX, core .NET, SQL Server, architecture, and a lot more. I am sure you will enjoy this ebook: http://www.questpond.com/SampleDotNetInterviewQuestionBook.zip.

My other WCF FAQ articles

Step 1: Create a WCF project

Create a WCF service application project as shown in the below figure:

By default, the WCF project creates a class file which has the GetData function. This function takes in a number values and displays an explanatory sentence like ‘You entered 1 value’ when you enter ‘1’.

public class Service1 : IService1
{
    public string GetData(int value)
    {
        return string.Format("You entered: {0}", value);
    }
}

Step 2: Ensure authentication mode is Windows

When we create a WCF service application, it also has a web.config file associated with it. So open the web.config file and ensure that the authentication mode is Windows.

<authentication mode="Windows" />

Step 3: Define the binding in the web.config file

The third step is to define the bindings and the transport type. To define the bindings, we need to enter the basicHttpBinding element inside the bindings XML tag. We also need to define the clientCredentialType as Windows.

<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
.........
.........
</system.serviceModel>

Step 4: Bind the bindings with service interface

Now the bindings defined needs to be associated with a service interface, i.e., service1. So we need to modify the services elements as shown below. You can note that we have defined an end point which has the binding association.

<system.serviceModel>
........
........
........
<services>
<service behaviorConfiguration="WCFWindowsBasicHttpBinding.Service1Behavior" 
                       name="WCFWindowsBasicHttpBinding.Service1">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding"
name="BasicHttpEndpoint" contract="WCFWindowsBasicHttpBinding.IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service>
</services>
.........
.........
.........
.........
</system.serviceModel>

Overall your <system.serviceModel> XML part as a whole with bindings and services is as shown below:

<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WCFWindowsBasicHttpBinding.Service1Behavior" 
               name="WCFWindowsBasicHttpBinding.Service1">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding"
name="BasicHttpEndpoint" contract="WCFWindowsBasicHttpBinding.IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFWindowsBasicHttpBinding.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below 
               to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below 
              to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

Step 5: Ensure that anonymous access is disabled

Go to IIS properties and click on the Security tab and ensure that anonymous access is disabled and only Windows authentication is enabled.

Step 6: Host your WCF service on IIS

We need to host our service in IIS. Make the directory an IIS application so that your service can be hosted. Now if you try to browse the service, i.e., the SVC file, you will see that it pops up the authentication authorization security dialog box. So this service cannot be executed with Windows authentication.

Step 7: Consume the WCF service

Let’s consume the WCF service. Add an ASP.NET web application and do a add web reference. You will be popped up with a dialog box as shown below. Click on Add Reference so that a proxy is generated for the WCF service.

Step 8: Create the WCF client

Type in the following code snippet in your page load. Add the namespace reference and call the method GetData. The most important step to note is the credential supplied. DefaultCredentials passes the current Windows identity to the WCF service.

If you execute the service, you should get the following display as shown below:

You can try commenting the below code in your client, in other words we are not passing any credentials.

obj.Credentials = System.Net.CredentialCache.DefaultCredentials;

Now if you execute, you should get the below error stating that this is an unauthorized call.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

 Shivprasad koirala
Architect http://www.questpond.com
India India
Member

I am a Microsoft MVP for ASP/ASP.NET and currently a CEO of a small
E-learning company in India. We are very much active in making training videos ,
writing books and corporate trainings. Do visit my site for 
.NET, C# , design pattern , WCF , Silverlight
, LINQ , ASP.NET , ADO.NET , Sharepoint , UML , SQL Server  training 
and Interview questions and answers


Article Top
 
Sign Up to vote   Poor Excellent
Add a reason or comment to your vote: x
Votes of 3 or less require a comment

Comments and Discussions

 
Hint: For improved responsiveness ensure Javascript is enabled and choose 'Normal' from the Layout dropdown and hit 'Update'.
You must Sign In to use this message board.
Search this forum  
    Spacing  Noise  Layout  Per page   
First Prev Next
QuestionServiceClient1 does not contain definition for CredentialsmemberMember 996489623 Apr '13 - 21:30 
QuestionNot able to consume service after clientCredentialType is set to " Windows"memberMember 996489623 Apr '13 - 19:43 
AnswerRe: Not able to consume service after clientCredentialType is set to " Windows"memberMember 996489623 Apr '13 - 20:54 
QuestionIs there a way to set the credentials through the config file?memberprogrammeranalyst2 Apr '13 - 11:49 
QuestionCode Not working in VS 2012membermeeram3913 Dec '12 - 22:47 
Questionwell donememberVincenzo Malvone11 Dec '12 - 3:36 
QuestionVery nicemembersaikat Malakar9 Nov '12 - 1:32 
QuestionAuthntication not working if service added as Service Reference with BasicHttpBindingmemberSendilkumar.M22 Jun '12 - 2:38 
QuestionBasicHTTPBindingmemberNilpesh29 May '12 - 20:31 
AnswerRe: BasicHTTPBindingmemberandrusha00713 Jul '12 - 4:51 
QuestionPassing Windows credentials from from Client to Database through WCFmemberManjunathabe0114 Mar '12 - 23:35 
QuestionFacing one issue. [modified]memberrajwithu20 Dec '11 - 17:58 
QuestionProduction Deployment?memberpravinpatkar14 Oct '11 - 11:10 
GeneralMy vote of 4memberEng. bipin24 Sep '11 - 2:29 
Questionit is not working for WCF 4.0 and IIS 7memberVivek Shrivastava17 May '11 - 0:05 
GeneralSecurity settings not enabled for the IIS applicationmemberABlokha7727 Mar '11 - 20:27 
GeneralSpeciifc Windows Id Authenticationmembermeatcp4 Mar '11 - 9:56 
Generalit is not enabled for the IIS application that hosts this servicememberBMWABCD16 Sep '10 - 12:52 
I tried to run your code and get the following error:
System.NotSupportedException: Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service
 
Do you know what I need to do for fixing this problem?
Thanks.
Sign In·View Thread·Permalink
QuestionUnauthorized with client authentication scheme...memberPradeep Babu Yadagani8 Sep '10 - 9:11 
QuestionSilverlight 3???membermarkbaer6 Jan '10 - 13:22 
AnswerRe: Silverlight 3???memberrobalexclark15 Jan '10 - 1:58 
GeneralNot workingmemberbiopsy20 Nov '09 - 14:36 
GeneralActive Directorymemberraranibar2 Jul '09 - 2:34 
GeneralHTTP 405: Method Not Allowed.memberraranibar1 Jul '09 - 13:31 
GeneralErrormemberraranibar1 Jul '09 - 13:19 
GeneralRe: ErrormemberSancho Pancho27 Aug '09 - 5:58 
GeneralXML IndentationmemberDmitri Nesteruk20 May '09 - 21:42 
GeneralExcellent article.memberM.K.A. Monster12 May '09 - 9:07 
GeneralGood Stuff.memberRene Pilon9 May '09 - 8:38 
Last Visit: 31 Dec '99 - 18:00     Last Update: 21 May '13 - 15:31Refresh1

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

About Article
Eight basic steps by which we can enable Windows authentication security on BasicHttpBinding.
Type Article
Licence CPOL
First Posted 9 May 2009
Views 155,439
Downloads 2,523
Bookmarked 103 times

, +
Top News

The Next Version of Android - Some of What's Coming

Get the Insider News free each morning.
Related Videos
DevExpress: Windows Inspired Applications
Video #4 - Domain and VM Techniques - Part 1
Difference between BasicHttpBinding and WsHttpBinding
Use Mutual SSL Authentication in WCF
WCF FAQ: Part 3 – 10 security related FAQ
Silverlight Windows User Identity Name
6 Steps to Implement DUAL Security on WCF using User name + SSL
Windows Communication Foundation FAQ quick starter Part 1
Basic Authentication on a WCF REST Service
ASP.NET authentication and authorization
WCF ClearUsernameBinding: Send username without SSL or x.509 certificates
WCF: From a Beginner's perspective & a Tutorial
Nine simple steps to enable X.509 certificates on WCF
7 Simple Steps to Connect SQL Server using WCF from SilverLight
Windows Communication Foundation FAQ quick starter Part 2
A closer look at Windows Communication Foundation
Silver JukeBox with an Alternative Client
Getting Started with WCF
WCF FAQ Part 5 – Transactions
Building a Web Message Board using Visual Studio 2008 Part II - Posting messages using Microsoft Word
Windows Communication Foundation QuickStart - Multiple Binding VS2010
Learn MVC (Model View Controller) Step by Step in 7 Days – Day 3
Permalink | Advertise | Privacy | Mobile
Web02 | 2.6.130516.1 | Last Updated 10 May 2009
Article Copyright 2009 by Shivprasad koirala
Everything else Copyright © CodeProject, 1999-2013
Terms of Use
Layout: fixed | fluid