ServiceSecurityContext is null with Castle Windsor WCF Integration Facility

406 views
Skip to first unread message

Khash Sajadi

unread,
Nov 14, 2011, 6:41:50 AM11/14/11
to castle-pro...@googlegroups.com

I'm trying to use WCF Integration Facility with Castle. So far I have the server and the client working fine. The server is hosted in IIS 7 (with a SVC file with no code behind).

Now I need to know the username of the client. For this I'm doing:

OperationContext oc = OperationContext.Current;
ServiceSecurityContext ssc = oc.ServiceSecurityContext;

But the ssc is null. I guess it has something to do with enabling TransportCredentialOnly on binding, but I don't have any bindings (using .NET 4 Default Bindings - through the Facility).

So the question boils down to:

How can I get the client username in a WCF Integration Facility hosted service on the server side.

Valeriu Caraulean

unread,
Nov 14, 2011, 8:17:24 AM11/14/11
to castle-pro...@googlegroups.com
Very rough code snippets, adjust them appropriately...

You should first set your bindings to work properly with Transport credentials:

public static Binding DefaultBinding
{
    get
    {
      return new BasicHttpBinding
      {
         // other binding config

         Security =
         {
           Mode = BasicHttpSecurityMode.TransportCredentialOnly,
           Transport = {ClientCredentialType = HttpClientCredentialType.Windows}
         }

Then you can register explicitly your services in container:

Component
   .For<TService>()
   .ImplementedBy<TServiceImpl>()
   .Named(typeof (TService).Name)
   .LifeStyle.Is(lifestyleType)
   .AsWcfService(CreateServiceModel(typeof(TService), binding));

private static DefaultServiceModel CreateServiceModel (Type serviceType, Binding binding)
{
   return new DefaultServiceModel()
    .Hosted()
    .AddEndpoints(WcfEndpoint
      .ForContract(serviceType)
      .BoundTo(binding));
}

Hope this helps...

--
You received this message because you are subscribed to the Google Groups "Castle Project Development List" group.
To view this discussion on the web visit https://groups.google.com/d/msg/castle-project-devel/-/ym4Pmr4aptkJ.
To post to this group, send email to castle-pro...@googlegroups.com.
To unsubscribe from this group, send email to castle-project-d...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/castle-project-devel?hl=en.

Khash Sajadi

unread,
Nov 14, 2011, 10:27:04 AM11/14/11
to castle-pro...@googlegroups.com
Tried that and other varieties. Doesn't make a difference I'm afraid. This is what it looks like now:

Valeriu Caraulean

unread,
Nov 14, 2011, 11:04:35 AM11/14/11
to castle-pro...@googlegroups.com
Hmm, looks OK for me...

Just to be sure, all configuration is done in code? No WCF sections in web.config?


On Mon, Nov 14, 2011 at 4:27 PM, Khash Sajadi <khash....@gmail.com> wrote:
Tried that and other varieties. Doesn't make a difference I'm afraid. This is what it looks like now:

--
You received this message because you are subscribed to the Google Groups "Castle Project Development List" group.
To view this discussion on the web visit https://groups.google.com/d/msg/castle-project-devel/-/QIBKEfSmMP0J.

Khash Sajadi

unread,
Nov 14, 2011, 12:12:08 PM11/14/11
to castle-pro...@googlegroups.com
That's right. It's all code based. Anything specific should be done in the client?

Valeriu Caraulean

unread,
Nov 15, 2011, 3:52:52 AM11/15/11
to castle-pro...@googlegroups.com
Nothing fancy in our client code:
  var basicHttpBinding = new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly)

That's enough for us to have windows identity of the user on the server.


On Mon, Nov 14, 2011 at 6:12 PM, Khash Sajadi <khash....@gmail.com> wrote:
That's right. It's all code based. Anything specific should be done in the client?
--
You received this message because you are subscribed to the Google Groups "Castle Project Development List" group.
To view this discussion on the web visit https://groups.google.com/d/msg/castle-project-devel/-/6bf7pwjbzVsJ.

Valeriu Caraulean

unread,
Nov 15, 2011, 11:08:34 AM11/15/11
to castle-pro...@googlegroups.com
I have a project on GitHub with few examples on how to use WCF without config files.

I've added two projects to it - WebHost.Castle and a simple client project. Check it at:

And the service code is making use of Service's SecurityContext...

Be sure that:
 - WcfWithoutConfigFile.WebHost.Castle is hosted in IIS Express
 - Windows Authentication is enabled for that project

Hope this helps...


On Mon, Nov 14, 2011 at 6:12 PM, Khash Sajadi <khash....@gmail.com> wrote:
That's right. It's all code based. Anything specific should be done in the client?
--
You received this message because you are subscribed to the Google Groups "Castle Project Development List" group.
To view this discussion on the web visit https://groups.google.com/d/msg/castle-project-devel/-/6bf7pwjbzVsJ.

Khash Sajadi

unread,
Nov 16, 2011, 5:43:02 AM11/16/11
to castle-pro...@googlegroups.com
Awesome! It worked. I did this to get the client to be config-free as well:


            container
                .AddFacility<WcfFacility>()
                .Register(Types.FromAssemblyContaining<IMyService>()
                              .Where(t => t.Name.EndsWith("Service"))
                              .Configure(c => c.AsWcfClient(
                                  WcfEndpoint
                                      .BoundTo(new BasicHttpBinding() { 
                                          Security = 
                                          {
                                              Mode = BasicHttpSecurityMode.TransportCredentialOnly, 
                                              Transport = { ClientCredentialType = HttpClientCredentialType.Windows }
                                          } 
                                      })
                                      .At(ServiceNameHelper.GetServiceEndpoint(c.Implementation)))));

Krzysztof Koźmic

unread,
Nov 16, 2011, 5:57:08 AM11/16/11
to castle-pro...@googlegroups.com
Would you guys care to add that to the documentation wiki for the next guy?

K

> --
> You received this message because you are subscribed to the Google
> Groups "Castle Project Development List" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/castle-project-devel/-/_wNyVkPH9-gJ.

Benny Hung

unread,
Feb 17, 2012, 1:39:18 PM2/17/12
to castle-pro...@googlegroups.com
The suggested workaround does work.  But is there a way to make this work with doing the configuration in config files?  Is this actually a bug in the wcf integration facility?

On a somewhat related note, what is the advantage of making things config-less?
Reply all
Reply to author
Forward
0 new messages