How do I tell a WCF client proxy class to use windows authentication and the WindowsPrincipal of the already logged in domain user as credentials?
Asked Answered
P

2

3

I've got a WPF windows client that calls a WCF web service. The user is already logged in on the windows domain before starting the application and the WCF service uses windows authentication.

I want the WPF client to use the WindowsPrincipal of the already logged in user when calling the WCF service. I do NOT want to create a new NetworkCredential instance with an EXPLICIT username & password to do this, simply because asking the user to log in twice (in Windows and the app) is ... well pretty user unfriendly.

Most of the samples I've seen use this way to set the credentials, which is not what I want

serviceClientProxy.ClientCredentials.Windows.ClientCredential
= new NetworkCredential("username", "password", "domain");

Instead, I'd like to do something like this

serviceClientProxy.ClientCredentials.Windows.AllowedImpersonationLevel
    = TokenImpersonationLevel.Identification;
serviceClientProxy.ClientCredentials.Windows.ClientCredential
    = { /* network credential for already logged in user */ }

That is, I want a NetworkCredential for the already existing (and working)

new WindowsPrincipal(WindowsIdentity.GetCurrent())

Does anybody know how to do this? I've tried setting security mode = "" and transport clientCredentialType = "" in app.config, but so far to no avail.

Propraetor answered 2/7, 2010 at 13:38 Comment(0)
S
0

Two things. Ensure that your WCF service is set to allow windows credentials. Once you've confirmed that you should be able to configure your client to use the Windows credential type. An example (from MSDN) is below.

WSHttpBinding myBinding = new WSHttpBinding();
myBinding.Security.Mode = SecurityMode.Message;
myBinding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
Spelt answered 7/7, 2010 at 13:51 Comment(0)
H
0

In your app.config:

  • Add:

    <system.net>
      <defaultProxy useDefaultCredentials="true"></defaultProxy>
    </system.net>
    
  • In your binding in element binding/security/transport, set proxyCredentialType="Ntlm"

Hate answered 7/7, 2010 at 14:0 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.