Reputation: 3106
Can you use Integrated Windows Authentication out-of-browser?
I have a WCF service that is being consumed by two clients:
- A Silverlight client; this works fine with IWA.
- A desktop application
I want to use IWA in the desktop application, but is that possible? I'm getting an HTTP error message saying I'm passing in Anonymous, when it wants Negotiate or NTLM. Sounds pretty obvious, but how can I fix this?
Upvotes: 2
Views: 1745
Answers (3)
Reputation: 8562
When your desktop application starts, the first thing you should do in Program.cs is this:
System.Threading.Thread.CurrentPrincipal = new System.Security.Principal.WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent());
By default CurrentPrincipal is the GenericPrincipal, which is not authenticated. Also, remember you'll need to execute that code on any threads you spin up as well.
You'll also need to configure Wcf so that it connects to your service, probably similar to how you configured it for Silverlight.
Upvotes: 0
Reputation: 3106
You can do this. It does turn out that you need to essentially mix the web.config and client config files into the app.config file of your desktop application.
So you'd need to add the web.config lines:
<system.web>
<authentication mode="Windows"/>
</system.web>
and
<bindings>
<basicHttpBinding>
<binding name="winAuthenticationBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
(obviously put within the <system.serviceModel> tag.
And then use that binding with the client endpoint that you'd normally put in in a client config file.
Upvotes: 4
Reputation: 16757
While there isn't a lot to look at here to help diagnose the issue, I would suggest you look over this resource and see what your desktop application is missing: http://msdn.microsoft.com/en-us/library/bb629363.aspx
It is my assumption that since your Silverlight application runs server-side, the issue is passing your authentication over the network rather than just inside the server network. The other possibility is that you have a custom configuration for your Silverlight application that you haven't brought over for your desktop application. For example, you can change the authentication mechanism inside the config file from the default that comes with the WSDL to something else. Maybe that is what the Silverlight application developer did and you just need to mimic it.
Upvotes: 0
Related Questions
- WCF service with Windows Authentication accessed from desktop and web
- IIS7: Setup Integrated Windows Authentication like in IIS6
- ASP.NET authentication from a Windows Forms application
- How can I do Windows Authentication with WCF over http?
- Integrated Windows Authentication in WCF on IIS 6.0
- IIS 7 secure windows authentication over the internet
- Is it possible to get Windows Authentication in ASP.NET without enabling it in IIS?
- Is there a way to grab the password using windows authentication with webhttpbinding in WCF?
- Stand-alone Silverlight Web Application that need Authentication
- Can WCF do WindowsAuthentication with username password?