1

标题几乎说明了一切,我想配置我的 WCF 服务,以便用户只能使用 Kerberos 进行身份验证,而不是 NTLM(用于调试目的)。有什么办法吗?

在客户端,显然是通过设置 clientCredentials/windows/@allowNtlm="false" 来完成的,但服务器似乎没有等效的属性。

我的配置:

<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true"/>
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior name="rest">
          <webHttp helpEnabled="true" defaultOutgoingResponseFormat="Xml" automaticFormatSelectionEnabled="false" faultExceptionEnabled="true" />
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <services>
      <service name="MyService">
        <endpoint address="" binding="webHttpBinding" bindingConfiguration="rss" contract="MyProject.IMyService" behaviorConfiguration="rest" />
        <host>
          <baseAddresses>
            <add baseAddress="http://localhost:8732/Design_Time_Addresses/MyProject/MyService/"/>
          </baseAddresses>
        </host>
      </service>
    </services>
    <bindings>
      <webHttpBinding>
        <binding name="rss">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </webHttpBinding>
    </bindings>
  </system.serviceModel>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
  </startup>
</configuration>
4

1 回答 1

0

我认为您可以实现这一点,将您的服务托管在IIS- 您可以指定启用的身份验证提供程序,右键单击管理器中的'Windows Authentification'项目。只需关闭/打开所需的提供商。Authentification settingsIIS

于 2012-08-09T19:02:17.990 回答