Need help with WCF DataPortal channel and Authentication

stefan posted on Friday, April 25, 2008

Hi!

I implemented the WCF dataportal channel according to the CSLA 3.0 ebook.

My app.config contains this:

  <appSettings>
    ...
    <add key="CslaAuthentication" value="Csla" />
    <add key="CslaDataPortalProxy" value="Csla.DataPortalClient.WcfProxy, Csla"/>
  </appSettings>

    <system.serviceModel>
        <client>
            <endpoint name="WcfDataPortal"
                      address="http://xxx.xxx.xxx.xxx/WcfHost/WcfPortal.svc"
                      binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IWcfPortal"
                      contract="Csla.Server.Hosts.IWcfPortal">
            </endpoint>
        </client>
    </system.serviceModel>

In addition to the PTracker example I had to add this section, as already shown in some posts
(search for maxReceivedMessageSize):

(The numeric values are copied from a post I found here, saying it would work, so don't ask me...)
        <bindings>
            <wsHttpBinding>
                <binding name="WSHttpBinding_IWcfPortal" closeTimeout="00:01:00"
                         openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                         bypassProxyOnLocal="false" transactionFlow="false"
                         hostNameComparisonMode="StrongWildcard"
                         maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
                         messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
                         allowCookies="false">
                    <readerQuotas maxDepth="32" maxStringContentLength="655360" maxArrayLength="2147483647"
                                  maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
                    <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
                    <security mode="Message">
                        <message clientCredentialType="None" negotiateServiceCredential="false"
                                 establishSecurityContext="false" />
                    </security>
                </binding>
            </wsHttpBinding>
        </bindings>


First question: Is this binding configuration section also needed on the server side (Web.config)?

What's bothering me ist the <security> section. I don't know how to configure the WcfHost service to accept anonymous client connections. As I see it, the authentication/authorization in the case of the WCF data portal channel is happening on the application level, and not on the WCF configuration level.

My current situation is this: The WcfHost service only accepts connections from clients where the current Windows user is also available as a local user on the server machine.
I already enabled anonymous access to the virtual root directory, but there must be something else.
The server is a Windows Server 2003 RC2 fresh installation...

Any help would be appreciated

Stefan