WCF模拟/验证 [英] WCF impersonation/ Authentication

问题描述

我已经通过了模拟的例子中看到，但我仍然有问题。

I've seen through the examples for impersonation but I'm still having issue.

结构的一些细节：

ASP.net：Windows身份验证结果
WCF ：托管在IIS，使用允许目前正在匿名用户

ASP.net: Windows authentication
WCF: hosted in IIS, currently working using allow anonymous user

我想实现的是允许通过身份验证的Windows登录传递给WCF访问控制像堵匿名用户试图调用服务。

What I want to achieve is to allow the authenticated Windows login to be passed to the WCF for access control like blocking anonymous users from trying to call the service.

在使用ASP.net应用程序，如果计算机以管理员身份登录，但Active Directory的失败，因为它不是广告下一个定义的用户，弹出浏览器会提示输入用户名和密码。

When using the ASP.net application, if the computer is logged in as administrator, but fails at Active Directory as it is not a defined user under the AD, a popup by the browser will prompt for the userid and password.

提示时，用户再输入相应的AD正确的用户名和密码。因此，登录过去了。结果
但是当我通过使用WCF的冒充，$ B $窗口身份验证凭据WCF B检查显示我作为管理者，而不是ASP.net身份验证的用户信息。

When prompted, user will then enter the correct user id and password corresponding to the AD. Hence, login passed.
But when I passed the window authentication credential to WCF using WCF's impersonate, it shows me as administrator instead of the ASP.net authenticated user information.

我应该怎么做才能得到正确的ASP.net身份验证的用户信息，而不是什么的Windows用户登录。

What should I do to get the correct ASP.net authenticated user information instead of what the user login in Windows.

推荐答案

在您的ASP.Net应用程序，您必须设置<身份冒充=真/方式> 在你的web.config

In your ASP.Net application you have to set <identity impersonate="true"/> in your web.config.

然后，你将不得不冒充您的来电添加到WCF服务像这样的ASP.Net应用程序内：

Then you would have to add impersonation to your call to the WCF service with something like this inside the ASP.Net app:

using (((WindowsIdentity)HttpContext.Current.User.Identity).Impersonate())
{
    WebClient client = new WebClient
       {
        Credentials = CredentialCache.DefaultNetworkCredentials
       };
    string result = client.DownloadString("http://someserver");
}

还检查出的模式和放大器;做法：WCF安全指导获取有关如何在WCF从Web应用程序调用添加模拟一个教程一步一步

Also check out patterns & practices: WCF Security Guidance for a step by step tutorial on how to add impersonation on WCF calls from a web app.

这篇关于WCF模拟/验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！