我如何告诉WCF客户端代理类，以使用Windows身份验证并已登录的域用户的凭据的WindowsPrincipal？ [英] How do I tell a WCF client proxy class to use windows authentication and the WindowsPrincipal of the already logged in domain user as credentials?

问题描述

我有一个WPF Windows客户端调用一个WCF的Web服务。已登录的用户在Windows域上启动应用程序和WCF服务使用Windows身份验证之前。

I've got a WPF windows client that calls a WCF web service. The user is already logged in on the windows domain before starting the application and the WCF service uses windows authentication.

我希望WPF客户端调用WCF服务时使用的已登录的WindowsPrincipal用户。我不想创建具有明确的用户名和放大器一个新的NetworkCredential的实例;密码要做到这一点，仅仅是因为要求用户登录两次（在Windows和应用程序）.​​..嗯pretty的用户不友好的。

I want the WPF client to use the WindowsPrincipal of the already logged in user when calling the WCF service. I do NOT want to create a new NetworkCredential instance with an EXPLICIT username & password to do this, simply because asking the user to log in twice (in Windows and the app) is ... well pretty user unfriendly.

大多数我见过用这种方式来设置凭据，这是不是我想要什么样的

Most of the samples I've seen use this way to set the credentials, which is not what I want

serviceClientProxy.ClientCredentials.Windows.ClientCredential
= new NetworkCredential("username", "password", "domain");

相反，我愿意做这样的事情

Instead, I'd like to do something like this

serviceClientProxy.ClientCredentials.Windows.AllowedImpersonationLevel
    = TokenImpersonationLevel.Identification;
serviceClientProxy.ClientCredentials.Windows.ClientCredential
    = { /* network credential for already logged in user */ }

这就是我想要的NetworkCredential为现有（和工作）

That is, I want a NetworkCredential for the already existing (and working)

new WindowsPrincipal(WindowsIdentity.GetCurrent())

是否有人知道如何做到这一点？我试着设置安全模式=和运输 clientCredentialType =中的app.config，但到目前为止，无济于事。

Does anybody know how to do this? I've tried setting security mode = "" and transport clientCredentialType = "" in app.config, but so far to no avail.

推荐答案

两件事情。确保您的WCF服务被设置为允许Windows凭据。一旦你确认，你应该能够配置客户端使用Windows凭据类型。 （从MSDN）下面是一个例子。

Two things. Ensure that your WCF service is set to allow windows credentials. Once you've confirmed that you should be able to configure your client to use the Windows credential type. An example (from MSDN) is below.

WSHttpBinding myBinding = new WSHttpBinding();
myBinding.Security.Mode = SecurityMode.Message;
myBinding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

这篇关于我如何告诉WCF客户端代理类，以使用Windows身份验证并已登录的域用户的凭据的WindowsPrincipal？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！