I have a WCF service using BasicHttpBinding with Windows authentication. Most clients are domain accounts and connect to the service using their default credentials.
我有一个使用BasicHttpBinding和Windows身份验证的WCF服务。大多数客户端都是域帐户,并使用其默认凭据连接到服务。
Now I want to connect to the service from an ASP.NET client that is running under a local account. I want to connect to the WCF service using windows credentials (domain\user and password) that are available to the ASP.NET application.
现在,我想从在本地帐户下运行的ASP.NET客户端连接到该服务。我想使用ASP.NET应用程序可用的Windows凭据(域\用户和密码)连接到WCF服务。
I know I can do this in code using ClientBase<T>.ClientCredentials.
我知道我可以使用ClientBase
Is there a way to specify the credentials (domain\user and password) in the client's web.config file so I don't have to change the code?
有没有办法在客户端的web.config文件中指定凭据(域\用户和密码),所以我不必更改代码?
EDIT
If it can't be done in the configuration file, is there a way of using System.Net.ICredentials or System.Net.NetworkCredential as a credential for a WCF service?
如果无法在配置文件中完成,是否有办法使用System.Net.ICredentials或System.Net.NetworkCredential作为WCF服务的凭据?
The .NET Framework provides these as a homogenous way to provide network credentials, but with WCF this seems to have been thrown out in favour of a new incompatible system based on the unrelated System.ServiceModel.Description.ClientCredentials class.
.NET Framework提供了这些作为提供网络凭据的同类方式,但是对于WCF,这似乎已经被抛弃,转而支持基于不相关的System.ServiceModel.Description.ClientCredentials类的新的不兼容系统。
EDIT 2
Accepting Marc's answer to the original question - it seems there is no way to do this in the client configuration file :(
接受Marc对原始问题的回答 - 似乎在客户端配置文件中没有办法做到这一点:(
I would see this as a deficiency in WCF - I don't accept that Microsoft should be deliberately discouraging us from putting credentials in the configuration file - after all they have to be stored somewhere, and the Framework includes facilities for encrypting the config file. I guess I could create a custom BehaviorExtensionElement for this, but it ought to be available out of the box.
我认为这是WCF的一个缺陷 - 我不接受微软应该故意阻止我们在配置文件中放置凭据 - 毕竟它们必须存储在某个地方,而Framework包含加密配置文件的工具。我想我可以为此创建一个自定义的BehaviorExtensionElement,但它应该是开箱即用的。
It's also a bit inconsistent: the system.net/mailSettings/smtp/network configuration element allows credentials to be specified, so why not WCF?
它也有点不一致:system.net/mailSettings/smtp/network配置元素允许指定凭据,为什么不WCF?
Regarding the second question about using System.Net.NetworkCredential, it seems from this blog that it is possible, at least when using Windows authentication, with the following code:
关于使用System.Net.NetworkCredential的第二个问题,从这篇博客看来,至少在使用Windows身份验证时,可以使用以下代码:
factory.Credentials.Windows.ClientCredential =
new System.Net.NetworkCredential(name, password, domain);
6 个解决方案
#1
You can't specify your credentials in the config file, unfortunately - you have to do this in code (most likely because otherwise you might end up with credentials in your config file, in plain text - not a good thing....).
不幸的是,您不能在配置文件中指定您的凭据 - 您必须在代码中执行此操作(最可能的原因是,您可能最终在配置文件中使用凭据,纯文本 - 这不是一件好事....) 。
#2
Svc.ClientCredentials.UserName.UserName = AppSettings["WCFSvcUsername"];
Svc.ClientCredentials.UserName.Password = AppSettings["WCFSvcPassword"];
is incorrect. It is used with message security and clientCredentialType="UserName". You should use
是不正确的。它与消息安全性和clientCredentialType =“UserName”一起使用。你应该用
Svc.ClientCredentials.Windows.ClientCredential = new NetworkCredential(...);
#3
It seems there is no way to set id and password in the default binding configuration (I'm still looking), I did it adding the code bellow, but still wish microsoft would add it to the default bindings
似乎没有办法在默认的绑定配置中设置id和密码(我还在寻找),我做了它添加下面的代码,但仍希望microsoft将它添加到默认绑定
<appSettings>
<add key="user" value="user" />
<add key="password" value="password" />
<add key="domain" value="domain" />
</appSettings>
// client side code
string userName = ConfigurationManager.AppSettings.Get("user");
string pswd = ConfigurationManager.AppSettings.Get("password");
string domain = ConfigurationManager.AppSettings.Get("domain");
client.ClientCredentials.Windows.ClientCredential.Domain = domain;
client.ClientCredentials.Windows.ClientCredential.UserName = userName;
client.ClientCredentials.Windows.ClientCredential.Password = pswd;
Sebastian Castaldi
#4
I understand that there isn't a mechanism to specify the credentials within the <binding> tags, but why not do this:
我知道没有一种机制来指定
Svc.ClientCredentials.UserName.UserName = AppSettings["WCFSvcUsername"];
Svc.ClientCredentials.UserName.Password = AppSettings["WCFSvcPassword"];
#5
Svc.ClientCredentials.Windows.ClientCredential =
System.Net.CredentialCache.DefaultNetworkCredentials;
#6
Have you tried this?
你试过这个吗?
<system.web>
<identity impersonate="true" userName="username" password="password"/>
</system.web>
#1
You can't specify your credentials in the config file, unfortunately - you have to do this in code (most likely because otherwise you might end up with credentials in your config file, in plain text - not a good thing....).
不幸的是,您不能在配置文件中指定您的凭据 - 您必须在代码中执行此操作(最可能的原因是,您可能最终在配置文件中使用凭据,纯文本 - 这不是一件好事....) 。
#2
Svc.ClientCredentials.UserName.UserName = AppSettings["WCFSvcUsername"];
Svc.ClientCredentials.UserName.Password = AppSettings["WCFSvcPassword"];
is incorrect. It is used with message security and clientCredentialType="UserName". You should use
是不正确的。它与消息安全性和clientCredentialType =“UserName”一起使用。你应该用
Svc.ClientCredentials.Windows.ClientCredential = new NetworkCredential(...);
#3
It seems there is no way to set id and password in the default binding configuration (I'm still looking), I did it adding the code bellow, but still wish microsoft would add it to the default bindings
似乎没有办法在默认的绑定配置中设置id和密码(我还在寻找),我做了它添加下面的代码,但仍希望microsoft将它添加到默认绑定
<appSettings>
<add key="user" value="user" />
<add key="password" value="password" />
<add key="domain" value="domain" />
</appSettings>
// client side code
string userName = ConfigurationManager.AppSettings.Get("user");
string pswd = ConfigurationManager.AppSettings.Get("password");
string domain = ConfigurationManager.AppSettings.Get("domain");
client.ClientCredentials.Windows.ClientCredential.Domain = domain;
client.ClientCredentials.Windows.ClientCredential.UserName = userName;
client.ClientCredentials.Windows.ClientCredential.Password = pswd;
Sebastian Castaldi
#4
I understand that there isn't a mechanism to specify the credentials within the <binding> tags, but why not do this:
我知道没有一种机制来指定
Svc.ClientCredentials.UserName.UserName = AppSettings["WCFSvcUsername"];
Svc.ClientCredentials.UserName.Password = AppSettings["WCFSvcPassword"];
#5
Svc.ClientCredentials.Windows.ClientCredential =
System.Net.CredentialCache.DefaultNetworkCredentials;
#6
Have you tried this?
你试过这个吗?
<system.web>
<identity impersonate="true" userName="username" password="password"/>
</system.web>