WCF Impersonation

# re: WCF Impersonation

Either with explicit impersonation, or two hops impersonation - both of those assumes that you want to impersonate the user that is accessing the service.
Possibly the easiest route is to simple turn off impersonation and just setup the app pool process to the specified user. 10/2/2007 5:41 PM | Ayende Rahien

# re: WCF Impersonation

http://geekswithblogs.net/robz/archive/2007/10/03/WCF-Impersonation---Specifying-Windows-Authentication-Credentials-on-the-Service.aspx 10/3/2007 1:34 AM | Robz

# re: WCF Impersonation

I had a headache with this myself. In order to get this to work, you have to do a couple things.

1. Set up your config: Under the <system.web> tag, add your <identity impersonate="true" username="userdomain/username" password="password"/> tag and then you must use basic http binding with transport credential only as follows:
<basicHttpBinding>
<binding name="BasicDefault">

<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>

2. Setup IIS: Under the security tab, click the anonymous access... button. Then make sure anonymouse access is unchecked, and only check the "Integrated Windows authentication"


Enjoy!
Dwayne
11/13/2007 2:52 PM | Dwayne

# re: WCF Impersonation

@Dwayne: You need to do two things to allow ASP.NET impersonation. You need to add the below in addition to the part you add in system.web.

<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>

Then you have to opt in on all classes where you plan to use ASP.NET Compatibility:

[AspNetCompatibilityRequirements(RequirementsMode=AspNetCompatibilityRequirementsMode.Allowed)]
public class Foo {} 11/14/2007 9:52 AM | Robz

# re: WCF Impersonation

@Dwayne: We may definitely give the IIS anonymous access part a go. I don't remember if we tried that or not. 11/14/2007 9:55 AM | Robz