Passing credential over basicHttpBinding

Silverlight client only support basicHttpBinding, for internal usage it would be nice we can pass credential over basciHttpBinding. Server side config:


      <basicHttpBinding>
        <binding name="BasicBindingWithSecurity">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>

Server side can simply use either

System.Threading.Thread.CurrentPrincipal.IsInRole(role)

or

new PrincipalPermission(null, role).Demand()

to check permission.

Silverlight client config:

            <basicHttpBinding>
                <binding name="client">
                    <security mode="TransportCredentialOnly" />
                </binding>
            </basicHttpBinding>

WPF client config:

         <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
              realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>

Config through code, note the way to setup clientCredentialType. Otherwise got an error:

must set message clientCredentialType to avoid this kind of error:

The HTTP request is unauthorized with client authentication scheme ‘Anonymous’. The authentication header received from the server was ‘Negotiate,NTLM,Basic realm=”Noneed”‘.
            var binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);
            binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
            binding.Security.Transport = new HttpTransportSecurity()
                                             {
                                                 ClientCredentialType = HttpClientCredentialType.Windows,
                                             };

             var factory = new ChannelFactory<IVineOnlineAdminService>(
                binding,
                new EndpointAddress("http://localhost/MyService.svc"));
             factory.CreateChannel().MyMethod();
            ...
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s