WCF REST : (C# 4.0 template) Securing with windows authentication and hosting in a windows service?_问答_开发者

WCF REST : (C# 4.0 template) Securing with windows authentication and hosting in a windows service?

开发者 https://www.devze.com 2023-02-06 07:22 出处：网络

I am trying to find out how to secure my web services with Windows Authentication (Active Directory). I am using the \"NEW\" templates provided for c# 4.0 (vs 2010) and currently have this but i need

I am trying to find out how to secure my web services with Windows Authentication (Active Directory). I am using the "NEW" templates provided for c# 4.0 (vs 2010) and currently have this but i need to host it in a windows service - is this possible?

I thought the WCF Rest clientCredentialType ="Windows" actually uses IIS to provide this type of security?

I have searched the internet and found many examples with C# 3.5 but none for the new template provided to vs 2010 C# 4.0 to create a rest service.W

<standardEndpoints>开发者_StackOverflow;
  <webHttpEndpoint>
    <standardEndpoint name="" helpEnabled="true" 
                      automaticFormatSelectionEnabled="true">
      <security mode="">
        <transport clientCredentialType = "Windows" />
      </security>

New template in VS 2010 is called WCF REST Service application. It creates web application with single predefined REST service which is exposed by ServiceRoute. This application type is dependent on IIS hosting (or web server hosting generally) with AspNetCompatibility turned on. It can't be directly converted into hosting in windows service. Some WCF REST features (WebRouting, Output chache profiles) are dependent on AspNetCompatibility which is normally not available outside of web server.

But If you don't need those features you can easily host WCF REST services in Windows service. You can start new project as WCF service library and second project as Windows service to host services from library.

You don't need any new template from .NET 4.0 to define WebHttp endpoint with windows security. This is enough:

<bindings>
  <webHttpBinding>
    <binding>
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </webHttpBinding>
</bindings>

By omitting name in binding element you are defining default webHttpBinding configuration. Each time you define endpoint with WebHttpBinding this configuration will be used. StandardEnpoint is new feature of WCF 4.0. It can be also used for in this case but it is not necessary.