Active Directory usage in WCF Windows authentication

Time:03-28

We have a WCF service that uses Windows authentication (also with the option AllowNtlm=true). The documentation says that Windows authentication uses Active Directory to authenticate the user but doesn't describe how, which I need to figure out. How does WCF use Active Directory?

Here's the binding configuration we're using:

<security mode="TransportWithMessageCredential">
    <transport clientCredentialType="None" />
    <message clientCredentialType="Windows" establishSecurityContext="false" />
</security>

CodePudding user response:

If anyone is interested, this is what I've found.

If you set your client credentials type to Windows, WCF uses something called Windows SSPI for Windows authentication.

Windows SSPI makes either Kerberos or CLDAP requests to the domain controller. Example:

Kerberos: AS-REQ request

CLDAP:

searchRequest(..) "<ROOT>"

(&(&(&(&(&(&(DnsDomain=...)(Host=...))(User=...))(AAC=...))(DomainGuid=...))(NtVer=...))(DnsHostName=...))

Both can be observed using Wireshark (look for Kerberos5 or CLDAP protocol requests).
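
Added example, not part of the original answer: when reviewing a capture, the CLDAP searchRequest shown above can be told apart from other LDAP searches by its root base object and the attributes in its filter. The attribute names are the seven in the filter above; the sample values, the function names and the classification heuristic are assumptions made for this example.

```python
# Attribute names taken from the filter shown in the answer (lower-cased).
PING_ATTRS = {"dnsdomain", "host", "user", "aac", "domainguid", "ntver", "dnshostname"}

# Constructed sample in the same shape; every value is a placeholder.
SAMPLE_FILTER = (
    r"(&(&(&(&(&(&(DnsDomain=corp.example)(Host=WS01))(User=alice))"
    r"(AAC=\10\00\00\00))(DomainGuid=PLACEHOLDER))(NtVer=\16\00\00\00))"
    r"(DnsHostName=ws01.corp.example))"
)

def parse_filter(text):
    """Parse an RFC 4515 string filter made of &, |, ! and equality terms."""
    node, pos = _parse(text, 0)
    if pos != len(text):
        raise ValueError(f"unexpected data at offset {pos}")
    return node

def _parse(s, i):
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if s[i:i + 1] in ("&", "|", "!"):
        op, i, children = s[i], i + 1, []
        while s[i:i + 1] == "(":
            child, i = _parse(s, i)
            children.append(child)
        if s[i:i + 1] != ")" or not children:
            raise ValueError(f"malformed '{op}' group at offset {i}")
        return (op, children), i + 1
    end = s.find(")", i)  # a literal ')' inside a value must be escaped as \29
    attr, sep, value = s[i:max(end, i)].partition("=")
    if end == -1 or not sep or not attr:
        raise ValueError(f"malformed term at offset {i}")
    return ("=", attr, value), end + 1

def and_terms(node):
    """Flatten a filter built only from '&' and equality terms; None otherwise."""
    if node[0] == "=":
        return {node[1].lower(): node[2]}
    if node[0] != "&":
        return None
    terms = {}
    for child in node[1]:
        sub = and_terms(child)
        if sub is None:
            return None
        terms.update(sub)
    return terms

def is_dc_locator_ping(base_object, filter_text):
    """Heuristic (assumed here): root base object, AND-only filter, known attributes, NtVer set."""
    if base_object not in ("", "<ROOT>"):
        return False
    terms = and_terms(parse_filter(filter_text))
    return bool(terms) and "ntver" in terms and set(terms) <= PING_ATTRS
```

Pass the base object and filter strings as Wireshark displays them for the searchRequest; an ordinary directory search (a non-root base object, or other attributes in the filter) returns False.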
