Click here to Skip to main content
15,867,568 members
Articles / Web Development / ASP.NET

Eight steps to enable Windows authentication on WCF BasicHttpBinding

Rate me:
Please Sign up or sign in to vote.
4.87/5 (28 votes)
9 May 2009CPOL4 min read 454.5K   5.4K   130   35
Eight basic steps by which we can enable Windows authentication security on BasicHttpBinding.

Table of contents

Introduction and goal

In this session, we will go through eight basic steps by which we can enable Windows authentication security on BasicHttpBinding. There are two types of security you can define in WCF: transport level and message level. In this article, we will discuss how we can define transport level security on BasicHttpBinding.

Nowadays I am distributing my 400 questions and answers ebook which covers major .NET related topics like WCF, WPF, WWF, AJAX, core .NET, SQL Server, architecture, and a lot more. I am sure you will enjoy this ebook: http://www.questpond.com/SampleDotNetInterviewQuestionBook.zip.

My other WCF FAQ articles

Step 1: Create a WCF project

Create a WCF service application project as shown in the below figure:

Image 1

By default, the WCF project creates a class file which has the GetData function. This function takes in a number values and displays an explanatory sentence like ‘You entered 1 value’ when you enter ‘1’.

C#
public class Service1 : IService1
{
    public string GetData(int value)
    {
        return string.Format("You entered: {0}", value);
    }
}

Step 2: Ensure authentication mode is Windows

When we create a WCF service application, it also has a web.config file associated with it. So open the web.config file and ensure that the authentication mode is Windows.

XML
<authentication mode="Windows" />

Step 3: Define the binding in the web.config file

The third step is to define the bindings and the transport type. To define the bindings, we need to enter the basicHttpBinding element inside the bindings XML tag. We also need to define the clientCredentialType as Windows.

XML
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
.........
.........
</system.serviceModel>

Step 4: Bind the bindings with service interface

Now the bindings defined needs to be associated with a service interface, i.e., service1. So we need to modify the services elements as shown below. You can note that we have defined an end point which has the binding association.

XML
<system.serviceModel>
........
........
........
<services>
<service behaviorConfiguration="WCFWindowsBasicHttpBinding.Service1Behavior" 
                       name="WCFWindowsBasicHttpBinding.Service1">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding"
name="BasicHttpEndpoint" contract="WCFWindowsBasicHttpBinding.IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service>
</services>
.........
.........
.........
.........
</system.serviceModel>

Overall your <system.serviceModel> XML part as a whole with bindings and services is as shown below:

XML
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WCFWindowsBasicHttpBinding.Service1Behavior" 
               name="WCFWindowsBasicHttpBinding.Service1">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding"
name="BasicHttpEndpoint" contract="WCFWindowsBasicHttpBinding.IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFWindowsBasicHttpBinding.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below 
               to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below 
              to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

Step 5: Ensure that anonymous access is disabled

Go to IIS properties and click on the Security tab and ensure that anonymous access is disabled and only Windows authentication is enabled.

Image 2

Step 6: Host your WCF service on IIS

We need to host our service in IIS. Make the directory an IIS application so that your service can be hosted. Now if you try to browse the service, i.e., the SVC file, you will see that it pops up the authentication authorization security dialog box. So this service cannot be executed with Windows authentication.

Image 3

Step 7: Consume the WCF service

Let’s consume the WCF service. Add an ASP.NET web application and do a add web reference. You will be popped up with a dialog box as shown below. Click on Add Reference so that a proxy is generated for the WCF service.

Image 4

Step 8: Create the WCF client

Type in the following code snippet in your page load. Add the namespace reference and call the method GetData. The most important step to note is the credential supplied. DefaultCredentials passes the current Windows identity to the WCF service.

Image 5

If you execute the service, you should get the following display as shown below:

Image 6

You can try commenting the below code in your client, in other words we are not passing any credentials.

C#
obj.Credentials = System.Net.CredentialCache.DefaultCredentials;

Now if you execute, you should get the below error stating that this is an unauthorized call.

Image 7

For further reading do watch the below interview preparation videos and step by step video series.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Architect https://www.questpond.com
India India

Comments and Discussions

 
QuestionCode not working Pin
Member 1456232918-Aug-19 23:31
Member 1456232918-Aug-19 23:31 
AnswerRe: Code not working Pin
Member 1456232919-Aug-19 0:10
Member 1456232919-Aug-19 0:10 
QuestionGettting the error security. Pin
Andy Eng5-Jan-17 0:59
Andy Eng5-Jan-17 0:59 
QuestionServiceClient1 does not contain definition for Credentials Pin
Member 996489623-Apr-13 21:30
Member 996489623-Apr-13 21:30 
AnswerRe: ServiceClient1 does not contain definition for Credentials Pin
Afazal MD 310420911-Dec-13 22:43
professionalAfazal MD 310420911-Dec-13 22:43 
GeneralRe: ServiceClient1 does not contain definition for Credentials Pin
sudh198315-Feb-14 6:03
sudh198315-Feb-14 6:03 
QuestionNot able to consume service after clientCredentialType is set to " Windows" Pin
Member 996489623-Apr-13 19:43
Member 996489623-Apr-13 19:43 
AnswerRe: Not able to consume service after clientCredentialType is set to " Windows" Pin
Member 996489623-Apr-13 20:54
Member 996489623-Apr-13 20:54 
QuestionIs there a way to set the credentials through the config file? Pin
programmeranalyst2-Apr-13 11:49
programmeranalyst2-Apr-13 11:49 
QuestionCode Not working in VS 2012 Pin
meeram3913-Dec-12 22:47
professionalmeeram3913-Dec-12 22:47 
AnswerRe: Code Not working in VS 2012 Pin
Afazal MD 310420911-Dec-13 22:42
professionalAfazal MD 310420911-Dec-13 22:42 
Questionwell done Pin
Vincenzo Malvone11-Dec-12 3:36
Vincenzo Malvone11-Dec-12 3:36 
QuestionVery nice Pin
saikat Malakar9-Nov-12 1:32
saikat Malakar9-Nov-12 1:32 
QuestionAuthntication not working if service added as Service Reference with BasicHttpBinding Pin
Sendilkumar.M22-Jun-12 2:38
Sendilkumar.M22-Jun-12 2:38 
QuestionBasicHTTPBinding Pin
Nilpesh29-May-12 20:31
Nilpesh29-May-12 20:31 
AnswerRe: BasicHTTPBinding Pin
andrusha00713-Jul-12 4:51
andrusha00713-Jul-12 4:51 
QuestionPassing Windows credentials from from Client to Database through WCF Pin
Manjunathabe0114-Mar-12 23:35
Manjunathabe0114-Mar-12 23:35 
QuestionFacing one issue. Pin
rajwithu20-Dec-11 17:58
rajwithu20-Dec-11 17:58 
QuestionProduction Deployment? Pin
googlEngineer14-Oct-11 11:10
professionalgooglEngineer14-Oct-11 11:10 
GeneralMy vote of 4 Pin
Eng. bipin 24-Sep-11 2:29
Eng. bipin 24-Sep-11 2:29 
Questionit is not working for WCF 4.0 and IIS 7 Pin
Vivek Shrivastava17-May-11 0:05
Vivek Shrivastava17-May-11 0:05 
Hi i tried and follow all step for WCF 4 and on window 7 machine . but configurtion is working but the userid and password pop-up is not comming. And also as per teh step 8 "Create teh WCF client", in place of obj.Credential Obj.Client credential is cooming which have only get property. please help me in that case. how i do same thing in window 7 machine.
GeneralSecurity settings not enabled for the IIS application Pin
ABlokha7727-Mar-11 20:27
ABlokha7727-Mar-11 20:27 
GeneralSpeciifc Windows Id Authentication Pin
meatcp4-Mar-11 9:56
meatcp4-Mar-11 9:56 
Generalit is not enabled for the IIS application that hosts this service Pin
BMWABCD16-Sep-10 12:52
BMWABCD16-Sep-10 12:52 
QuestionUnauthorized with client authentication scheme... Pin
Pradeep Babu Yadagani8-Sep-10 9:11
Pradeep Babu Yadagani8-Sep-10 9:11 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.