I've created a simple WCF Service Library which exposes a few functions. The WCF is Self-Hosted (exe) and everything runs fine.

However, currently there is no security on the WCF calls. Anyone on the network can access the WCF's calls. This is where I am struggling. I want to use Windows Authentication to a domain controller. Basically I want to say DOMAINNAME\USERNAME has access. But I am struggling to understand how to accomplish this.

This is the config file I have set up so far:

Code:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="NewBinding0">
          <security>
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="BlackBerry_AD_WCF.ServiceBehavior"
        name="BlackBerry_AD_WCF.Service">
        <endpoint address="" binding="basicHttpBinding" bindingConfiguration="NewBinding0"
          contract="BlackBerry_AD_WCF.Service" />
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
        <host>
          <baseAddresses>
            <add baseAddress="http://servername.domain.xxx.com:8081/BlackBerry_AD_WCF" />
          </baseAddresses>
        </host>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="BlackBerry_AD_WCF.ServiceBehavior">
          <!-- To avoid disclosing metadata information, 
          set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="True"/>
          <!-- To receive exception details in faults for debugging purposes, 
          set the value below to true.  Set to false before deployment 
          to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="True" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>

Basically I am looking to be able to specify which Active Directory Accounts/Groups can access this WCF function. Similar to how you can do it in IIS.

Thanks for any help!
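
One way to get the restriction asked about above, as an added example that is not part of the original post: the posted `<security>` element has no `mode` attribute, and basicHttpBinding defaults to mode `None`, so the Windows credential setting is never applied. The sketch below sets up the same self-hosted endpoint in code with Windows authentication turned on and demands an AD group on the operation. The contract `IDirectoryService`, the operation `WhoAmI`, the group `DOMAINNAME\BlackBerryAdmins` and the `localhost` address are assumptions standing in for the poster's own names.

```csharp
using System;
using System.Security.Permissions;
using System.ServiceModel;
using System.ServiceModel.Description;

[ServiceContract]
public interface IDirectoryService            // hypothetical contract
{
    [OperationContract]
    string WhoAmI();
}

public class DirectoryService : IDirectoryService
{
    // Callers who are not in this AD group receive an access-denied fault.
    // DOMAINNAME\BlackBerryAdmins is a placeholder; to allow one account
    // instead of a group, use Name = @"DOMAINNAME\USERNAME".
    [PrincipalPermission(SecurityAction.Demand, Role = @"DOMAINNAME\BlackBerryAdmins")]
    public string WhoAmI()
    {
        // The authenticated Windows identity of the caller.
        return ServiceSecurityContext.Current.WindowsIdentity.Name;
    }
}

public static class Program
{
    public static void Main()
    {
        // TransportCredentialOnly authenticates the caller over plain HTTP.
        // It does not encrypt the messages; use Transport mode with https
        // when the payload is sensitive.
        var binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;

        var baseAddress = new Uri("http://localhost:8081/BlackBerry_AD_WCF"); // assumed address
        using (var host = new ServiceHost(typeof(DirectoryService), baseAddress))
        {
            host.AddServiceEndpoint(typeof(IDirectoryService), binding, "");
            // Map the caller's Windows groups to roles for PrincipalPermission checks.
            host.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.UseWindowsGroups;
            host.Open();
            Console.WriteLine("Service running. Press Enter to stop.");
            Console.ReadLine();
        }
    }
}
```

The config-file equivalent is `<security mode="TransportCredentialOnly">` on the binding and `<serviceAuthorization principalPermissionMode="UseWindowsGroups" />` inside the service behavior.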