ASP.NET MVC 5 + WCF – Windows Authentication + PrincipalPermission + ServiceSecurityContext

ASP.NET MVC 5 + WCF – Windows Authentication + PrincipalPermission + ServiceSecurityContext
 

 

   ( Web Application : WCF ) Web.config
 
   <?xml version="1.0" encoding="UTF-8"?>
 
   <!-- Web.config of the WCF service host: Windows authentication on the HTTP transport,
        no impersonation, one basicHttpBinding endpoint for WCF.Service. -->
   <configuration>
 
      <appSettings>
         <!-- Account the service is meant to accept. NOTE(review): in the Service.cs shown on this
              page the line that reads this key is commented out and the name is hard-coded, so
              changing the value here has no effect on the code as shown. -->
         <add key="ServiceAccount" value="DEISLER\LCADMIN" />
      </appSettings>
 
      <system.web>
         <!-- NOTE(review): debug="true" is a development setting; set it to false before deploying. -->
         <compilation debug="true" targetFramework="4.0" />
         <authentication mode="Windows" />
         <!-- With impersonate="false" the service code runs as the hosting process account, which is
              why WindowsIdentity.GetCurrent() and the caller identity can differ in the demo output. -->
         <identity impersonate="false" />
      </system.web>
 
      <system.serviceModel>
         <bindings>
            <basicHttpBinding>
               <binding name="BasicHttpEndpointBinding">
                  <!-- TransportCredentialOnly authenticates the caller at the HTTP layer but runs over
                       plain HTTP: requests and replies are neither encrypted nor integrity-protected.
                       NOTE(review): outside an isolated lab prefer mode="Transport" on an HTTPS
                       endpoint; client and service bindings must be changed together. -->
                  <security mode="TransportCredentialOnly">
                     <transport clientCredentialType="Windows" />
                  </security>
               </binding>
            </basicHttpBinding>
         </bindings>
         <services>
            <service behaviorConfiguration="WCF.ServiceBehavior" name="WCF.Service">
               <endpoint address="" binding="basicHttpBinding"
                                 bindingConfiguration="BasicHttpEndpointBinding" name="BasicHttpEndpoint" contract="WCF.IService">
                  <identity>
                     <dns value="localhost" />
                  </identity>
               </endpoint>
            </service>
         </services>
         <behaviors>
            <serviceBehaviors>
               <!-- No serviceAuthorization element is configured, so the WCF default principal
                    permission mode (UseWindowsGroups) applies; the PrincipalPermission demand in
                    Service.cs is evaluated against the caller's Windows principal. -->
               <behavior name="WCF.ServiceBehavior">
                  <!-- Publishes the service description over HTTP GET. NOTE(review): switch this off
                       once client proxies are generated if metadata is not needed at run time. -->
                  <serviceMetadata httpGetEnabled="true" />
                  <!-- Keep this false so exception details are not returned to callers in faults. -->
                  <serviceDebug includeExceptionDetailInFaults="false" />
               </behavior>
            </serviceBehaviors>
         </behaviors>
      </system.serviceModel>
 
      <system.webServer>
         <modules runAllManagedModulesForAllRequests="true" />
         <!-- NOTE(review): directory browsing lets a visitor list the files of the site;
              a service host has no need for it, set enabled="false". -->
         <directoryBrowse enabled="true" />
      </system.webServer>
 
   </configuration>
 
   ( Web Application : WCF ) IService.cs
 
   using System;
   using System.ServiceModel;
   using System.ServiceModel.Web;
 
   namespace Wcf
   {
      [ServiceContract]
      public interface IService
      {
         [OperationContract]
         string GetAuth();
      }
   }
 
   ( Web Application : WCF ) Service.cs
 
   using System;
   using System.Runtime.Serialization;
   using System.ServiceModel;
   using System.Text;
   using System.Security.Principal;
   using System.Configuration;
   using System.Threading;
   using System.ServiceModel.Activation;
   using System.Security.Permissions;
   using System.Text;
 
   namespace WCF
   {
      [AspNetCompatibilityRequirements(RequirementsMode=AspNetCompatibilityRequirementsMode.Allowed)]
      public class Service : IService
      {
         [PrincipalPermission(SecurityAction.Demand, Name = @"DEISLER\LCADMIN")]
         public string GetData()
         {
 
            //String ServiceAccount = ConfigurationManager.AppSettings["ServiceAccount"].ToString();
            StringBuilder Detail = new StringBuilder();
 
            Detail.Append("System.Security.Principal.WindowsIdentity.GetCurrent().Name : ");
            Detail.Append(System.Security.Principal.WindowsIdentity.GetCurrent().Name);
 
            Detail.Append("<br />Thread.CurrentPrincipal.Identity.Name : ");
            Detail.Append(Thread.CurrentPrincipal.Identity.Name);
 
            Detail.Append("<br />WindowsIdentity.GetCurrent().Name : ");
            Detail.Append(WindowsIdentity.GetCurrent().Name);
 
            Detail.Append("<br />ServiceSecurityContext.Current.PrimaryIdentity.Name : ");
            Detail.Append(ServiceSecurityContext.Current.PrimaryIdentity.Name);
 
            Detail.Append("<br />ServiceSecurityContext.Current.WindowsIdentity.Name : ");
            Detail.Append(ServiceSecurityContext.Current.WindowsIdentity.Name);
 
            if (ServiceSecurityContext.Current.PrimaryIdentity.Name.ToUpper().ToString().Equals(@"DEISLER\LCADMIN"))
            {
               Detail.Append("<br />");
               Detail.Append(ServiceSecurityContext.Current.PrimaryIdentity.Name);
               Detail.Append(" : Pass.<br />");
            }
            else
            {
               Detail.Append("<br />");
               Detail.Append(ServiceSecurityContext.Current.PrimaryIdentity.Name);
               Detail.Append(" : Access Denied.<br />");
            }
 
            return Detail.ToString();
 
         }
      }
   }
 
   ( Web Application : WCFClient ) Web.config
 
   <?xml version="1.0" encoding="utf-8"?>
 
   <!-- Web.config of the MVC client: Windows authentication for site visitors and a
        basicHttpBinding client endpoint for the WCF service. -->
   <configuration>
 
      … …
 
      <system.web>
 
         <!-- NOTE(review): debug="true" is a development setting; set it to false before deploying. -->
         <compilation debug="true" targetFramework="4.5.1" />
         <httpRuntime targetFramework="4.5.1" />
         <authentication mode="Windows" />
 
         <!-- deny users="?" rejects anonymous requests, so every page requires an authenticated Windows user. -->
         <authorization>
            <deny users="?" />
         </authorization>
 
      </system.web>
 
      <system.serviceModel>
 
         <bindings>
            <basicHttpBinding>
               <binding name="BasicHttpEndpoint">
                  <!-- Must match the service binding. TransportCredentialOnly sends the call over plain
                       HTTP (see the http:// address below): the caller is authenticated, but the
                       traffic is neither encrypted nor integrity-protected.
                       NOTE(review): outside an isolated lab use mode="Transport" with an https:// address. -->
                  <security mode="TransportCredentialOnly">
                     <transport clientCredentialType="Windows" />
                  </security>
               </binding>
            </basicHttpBinding>
         </bindings>
 
         <client>
            <endpoint address="http://vmw81001.deisler.com:8222/Service.svc"
                                   binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpoint"
                             contract="WCFAuthReference.IService" name="BasicHttpEndpoint" />
         </client>
 
      </system.serviceModel>
 
   </configuration>
 
   ( Web Application : WCFClient ) \Controllers\HomeController.cs
 
   using System;
   using System.Collections.Generic;
   using System.Linq;
   using System.Web;
   using System.Web.Mvc;
 
   namespace WCFClient.Controllers
   {
      public class HomeController : Controller
      {
         public ActionResult Index()
         {
            try
            {
               WCFAuthReference.ServiceClient service = new WCFAuthReference.ServiceClient();
               service.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential();
               service.ClientCredentials.Windows.ClientCredential.UserName = "LCADMIN";
               service.ClientCredentials.Windows.ClientCredential.Domain = "DEISLER";
               service.ClientCredentials.Windows.ClientCredential.Password = "P@ssw0rd";
 
               //service.ClientCredentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
 
               ViewBag.WCF = service.GetAuth() + "<br />";
            }
            catch (Exception ex)
            {
               ViewBag.WCF = ex.Message + "<br />";
            }
 
            return View();
         }
 
         … …
 
      }
   }