Search code examples
c#.netwcfwcf-security

How to apply basic authentication in WCF?

I'm implementing a WcfClientFactory

public class WcfClientFactory : IDisposable
{
    internal const string WildcardConfigurationName = "*";

    //We track all channels created by this instance so they can be destroyed
    private readonly List<WeakReference<IDisposable>> _disposableItems = new List<WeakReference<IDisposable>>();

    public T CreateClient<T>(string configurationName = WildcardConfigurationName, string address=null)
    {
        var factory = new ChannelFactory<T>(configurationName);
        if (!string.IsNullOrWhiteSpace(address))
        {
            factory.Endpoint.Address = new EndpointAddress(address);
        }
        var channel = factory.CreateChannel();
        var clientChannel = (IClientChannel)channel;

        clientChannel.Open();
        _disposableItems.Add(new WeakReference<IDisposable>(clientChannel,false));
        return channel;
    }

    void IDisposable.Dispose()
    {
        //No finalizer is implemented as there are no directly held scarce resources. 
        //Presumably the finalizers of items in disposableItems will handle their own teardown 
        //if it comes down to it.
        foreach (var reference in _disposableItems)
        {
            IDisposable disposable;
            if (reference.TryGetTarget(out disposable))
            {
                disposable.Dispose();
            }
        }
    }
}

So I can create a WCF clientChannel

var client = _wcfClientFactory.CreateClient<ICrmService>(address);

It works fine if the WCF does not have any authentication. Now, we want to add authentication to this factory. How can I do it? I tried below code

public T CreateClientWithBasicAuthentication<T>(string address)
{
    WSHttpBinding myBinding = new WSHttpBinding();
    myBinding.Security.Mode = SecurityMode.Transport;
    myBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;

    var factory = new ChannelFactory<T>(myBinding, new EndpointAddress(address));
    var channel = factory.CreateChannel();
    var clientChannel = (IClientChannel)channel;

    ////CrmServiceClient csc = (CrmServiceClient)channel;
    ////csc.ClientCredentials.UserName.UserName = _UserName;
    ////csc.ClientCredentials.UserName.Password = _Password;

    clientChannel.Open();
    _disposableItems.Add(new WeakReference<IDisposable>(clientChannel, false));

    return channel;
}

But it generates exception and asks for UserName and Password. How can I set the password and username?

The variable factory has a member of Credential, but it is get only. That's why I think it has to be a way to set credential before call CreateChannel

Thanks

Solution

  • There may be a problem with the description here, your idea is right, here we can set the client authentication credentials.

    var factory = new ChannelFactory<T>(myBinding, new EndpointAddress(address));
            //for HttpClientCredentialType.Basic
            factory.Credentials.UserName.UserName = "administrator";
            factory.Credentials.UserName.Password = "abcd1234!";
            //for window credentials
            //factory.Credentials.Windows.ClientCredential.UserName = "adminsitrator";
            //factory.Credentials.Windows.ClientCredential.Password = "abcd1234!";
            var channel = factory.CreateChannel();

    Besides, please note that the binding type that the channel factory uses should be consistent with the binding type on the server-side.
    Feel free to let me know if the problem still exists.