description | title | ms.date | helpviewer_keywords | ms.assetid | |
---|---|---|---|---|---|
Learn more about: Message Security Windows |
Message Security Windows |
03/30/2017 |
|
d2221d1c-c9cb-48d1-b044-a3b4445c7f05 |
This sample demonstrates how to configure a xref:System.ServiceModel.WSHttpBinding binding to use message-level security with Windows authentication. This sample is based on the Getting Started. In this sample, the service is hosted in Internet Information Services (IIS) and the client is a console application (.exe).
Note
The setup procedure and build instructions for this sample are located at the end of this topic.
The default security for the <wsHttpBinding> is message security using Windows authentication. The configuration files in this sample explicitly set the mode
attribute of the <security> to Message
and the clientCredentialType
attribute to Windows
. These values are the default values for this binding, but they have been explicitly configured, as shown in the following sample configuration to demonstrate their use.
<bindings>
<wsHttpBinding>
<binding>
<security mode="Message">
<message clientCredentialType="Windows"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
The client endpoint configuration consists of an absolute address for the service endpoint, the binding, and the contract. The client binding is configured with the appropriate securityMode
and authenticationMode
.
<system.serviceModel>
<client>
<endpoint address=
"http://localhost/servicemodelsamples/service.svc"
binding="wsHttpBinding"
bindingConfiguration="Binding1"
contract="Microsoft.ServiceModel.Samples.ICalculator" />
</client>
<bindings>
<wsHttpBinding>
<!-- The default security for the WSHttpBinding is -->
<!-- Message security using Windows authentication. -->
<!-- This configuration explicitly defines the security mode -->
<!-- as Message and the clientCredentialType as Windows -->
<!-- for demonstration purposes. -->
<binding name="Binding1">
<security mode="Message">
<message clientCredentialType="Windows"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
The service source code has been modified to demonstrate how the xref:System.ServiceModel.OperationContext.ServiceSecurityContext%2A can be used to access the identity of the caller.
public string GetCallerIdentity()
{
// The Windows identity of the caller can be accessed on the ServiceSecurityContext.WindowsIdentity.
return OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Name;
}
When you run the sample, the operation requests and responses are displayed in the client console window. The first method called - GetCallerIdentity
- returns the name of the caller identity back to the client. Press ENTER in the console window to shut down the client.
-
Ensure that you have performed the One-Time Setup Procedure for the Windows Communication Foundation Samples.
-
To build the C# or Visual Basic .NET edition of the solution, follow the instructions in Building the Windows Communication Foundation Samples.
-
To run the sample in a single- or cross-computer configuration, follow the instructions in Running the Windows Communication Foundation Samples.