开发者

How can I expose a WCF Service in a Virtual Directory w/o Forms Authentication?

My group builds internally hosted ASP.NET MVC websites with forms-authentication.

I'd like to host a WCF service in the same virtual directory as an ASP.NET MVC website.

My Question:

How do I make the WCF service freely accessible, that is without forms-authentication.

My current predicament is this:

  • I can access the .svc and see the wsdl information if I first authenticate through forms-authentication with a web browser.
  • But when I try to access the WCF service with wcfTestClient.exe, I get the following error:

Error: Cannot obtain Metadata from http://localhost/Services/MyService.svc If this is a Windows (R) Communication Foundation ser开发者_StackOverflow中文版vice to which you have access, please check that you have enabled metadata publishing at the specified address. For help enabling metadata publishing, please refer to the MSDN documentation at http://go.microsoft.com/fwlink/?LinkId=65455.WS-Metadata Exchange Error


Do you have a mex endpoint defined in your web.config for the service? The testclient is likely looking for this.

IF you do, one other possibility is to disable authorization on the services folder. I've never tested this, but in theory it may work...

So if website is localhost, put WCF service in localhost/services/myservice.svc or the like. Then add a web.config to the /services folder, which overrides the authorization and allows all:

<configuration>
   <authorization>
      <allow users="*" />
   </authorization>
</configuration>


If you can put your .svc file into a subfolder of the virtual directory, you can leverage the path attribute in Forms Authentication to enable access to it with a different level of authorization. Here is a tutorial.


Many thanks to all who tried to answer this question.

After hours of troubleshooting this problem, I discovered that a custom authentication module was rejecting my client attempts to get the metadata. Suffice it to say, I needed to route around this logic.

Oh - And stepping through the code is very underrated. ;)


I assume since you are using forms authentication that the virtual directory is configured for anonymous access in IIS. With that said, If you place your WCF service e.g. *.svc file in its own directory, you can update the main web.config file and add a location tag to disable forms authentication for the directory containing the service. Also be sure to disbale security via the WCF configuration binding settings in the web.config's <system.servicemodel> section which needs to be added if not already present:

<bindings>
  <wsHttpBinding>   <!-- one of many possible bindings -->
    <binding name="...">          
      <security mode="None"> <-- allows anonymous access -->
        <message clientCredentialType="None"/> <-- allows anonymous access -->
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜