wcf - 在我的 WCF Web 服务中获取 WindowsIdentity

Question

我从一个不再与我们在一起的开发人员那里接管了代码。这是一个 WCF Web 服务，最初使用传入的用户名，但我们需要它来使用 WindowsIdentity。

string identity = ServiceSecurityContext.Current.WindowsIdentity.Name;

该代码最终返回一个空字符串。我正在使用安全(wsHttpSecure)绑定(bind)，因此 ServiceSecurityContext.Current 不是 null 或任何东西。我一直在寻找解决方案一天，但还没有找到任何东西。

因为我是 WCF 的新手，所以我不确定还有哪些其他信息是相关的。以下是 IIS 中 Web 服务的启用身份验证设置:

Anonymous Authentication - Enabled
Windows Authentication - Enabled

这是 web 服务的 web.config:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <connectionStrings>
        <clear />
        <add name="LocalSqlServer" connectionString="Data Source=.\instanceNameHere;Initial Catalog=default;Integrated Security=SSPI;"/>
    </connectionStrings>
    <appSettings configSource="appSettings.config" />
    <system.diagnostics>
        <sources>
            <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
                <listeners>
                    <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\ServiceLogs\WebServiceLog.svclog" />
                </listeners>
            </source>
        </sources>
    </system.diagnostics>
    <system.web>
        <trace enabled="true" />
        <membership defaultProvider="XIMembershipProvider" userIsOnlineTimeWindow="30">
            <providers>
                <clear/>
                <add name="XIMembershipProvider" type="LolSoftware.MiddleTier.BusinessLogic.XIMembershipProvider"
      applicationName="LolWebService"/>
            </providers>
        </membership>
        <compilation debug="true" targetFramework="4.0" />
    </system.web>
    <system.serviceModel>
        <client />
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
        <behaviors configSource="behaviors.config" />
        <bindings configSource="bindings.config" />
        <services configSource="services.config" />
    </system.serviceModel>
    <system.webServer>
        <modules runAllManagedModulesForAllRequests="true" />
        <handlers>
            <remove name="svc-ISAPI-4.0_64bit"/>
            <remove name="svc-ISAPI-4.0"/>
            <remove name="svc-Integrated-4.0"/>
            <add name="svc-ISAPI-4.0_64bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
            <add name="svc-ISAPI-4.0" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%systemroot%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
            <add name="svc-Integrated-4.0" path="*.svc" verb="*" type="System.ServiceModel.Activation.HttpHandler, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" resourceType="Unspecified" preCondition="integratedMode" />
        </handlers>
    </system.webServer>
</configuration>

以及 bindings.config:

<bindings>
    <wsHttpBinding>
    <binding name="wsHttpSecure">
        <security mode="TransportWithMessageCredential">
            <transport clientCredentialType="None" />
            <message clientCredentialType="UserName" />
        </security>
    </binding>
    <binding name="wsHttp">
        <security mode="None" />
    </binding>
   </wsHttpBinding>
</bindings>

行为.config:

<behaviors>
    <serviceBehaviors>
        <behavior name="serviceBehavior">
            <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
            <serviceDebug includeExceptionDetailInFaults="true" />
            <serviceThrottling maxConcurrentCalls="200" maxConcurrentSessions="200" />
            <serviceCredentials>
                <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="XIMembershipProvider"/>
            </serviceCredentials>
        </behavior>
    </serviceBehaviors>
    <!-- -->
    <endpointBehaviors>
        <behavior name="restBehavior">
            <webHttp/>
        </behavior>
    </endpointBehaviors>
    <!-- -->
</behaviors>

服务配置:

<services>
    <service name="LolSoftware.MiddleTier.WebService.LolWebService" behaviorConfiguration="serviceBehavior">
        <endpoint name="LolWebService_WSHttpEndpointSecure" contract="LolSoftware.MiddleTier.Interfaces.ILolWebService" binding="wsHttpBinding" bindingConfiguration="wsHttpSecure"/>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
    </service>
</services>

提前致谢。

Answer 1

如果你想得到WindowsIdentity在服务上，您必须使用 Windows 身份验证而不是 UserName验证。请注意，Windows 身份验证仅适用于您域中的 Windows 帐户。您应该更改 IIS 配置并禁用匿名访问。然后改wsHttpBinding配置为:

<bindings>
    <wsHttpBinding>
        <binding name="wsHttpSecure">
            <security mode="Transport">
                <transport clientCredentialType="Windows" />
            </security>
        </binding>
   </wsHttpBinding>
</bindings>

您不需要 ASP.NET 兼容性即可使用 Windows 身份验证。