Tuesday, May 4, 2010

Getting Current User when using WCF and Silverlight

First off, when you start to create a WCF Service in Visual Studio 2010 or 2008 for that matter, you can choose WCF Service, but if you are using Silverlight as the client, you do NOT want to select this. You want to select, Silverlight-enabled WCF Service. If you don’t or didn’t you can follow the instructions here to make sure a few things are in place and then you will be in the same position as if you had selected the Silverlight-enabled WCF Service.

All I want to do is get the username of the user that is using my Silverlight application. Note, this also opens the door to ASP.NET roles.

Alot of what I read said that if I mess with my app.config and turn on transport or message security then I can get the user if I go to System.ServiceModel.ServiceSecurityContext.Current. Well, maybe that was for a Self-Hosted WCF service or some other scenario, but I could not get it to work in my tests with Silverlight with IIS hosted WCF Service. I think my biggest difficulty with these docs were that all the configuration tags that I expected to see in the web.config (they had an app.config) were not there, but yet I had a working (without security) WCF Service.

I had to assume it uses some defaults. I figured out that I was right. If you read A Developer's Introduction to Windows Communication Foundation 4 you will understand much better. It is a fairly lengthy read, but well worth it. There is actually a section on Workflow Foundation 4, but the first part of the article is most excellent in describing the defaults and how they work. For instance search it for ProtocolMapping to see that the defaults include basicHttpBinding, netTcpBinding, netNamedPipeBinding, and netMsmqBinding. They are defined in the Machine.config. WCF 4 also support inheritance / merging of configuration items. Very cool.

I am using an IIS hosted WCF service. I want to use Windows Authentication for authentication. Nothing fancy. What I found works well and quite easily is ensure the following things are in specified and in synch with each other. They must all agree!

Web Server
  • IIS has anonymous access disabled (not enabled).
  • IIS has Integrated Windows authentication enabled.
  • If you are using Visual Studio 2010 and using the built-in dev server, the default settings are fine. I did NOT have to check the NTLM Authentication checkbox.
  • This is needed to have ASP.NET be able to get security info as well.
<authentication mode="Windows"/>
<deny users="?"/>
  • Make sure you have aspnet compatability enabled as follows:
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true"  aspNetCompatibilityEnabled="true"/>
Your Service Class
  • Make sure to add the following above your class for your WCF Service. You can also use Required, instead of of Allowed

And now the moment of glory. You can now get the user just like you would in ASP.NET.


References: A Developer's Introduction to Windows Communication Foundation 4


Anonymous said...

What version of IIS are you deploying your service to? I tried the same and it still returns null with IIS 7.5!

Brent V said...

Hi Anonymous,

I can't imagine this not working in IIS 7.5. This works for the Visual Studio (2008 or 2010) web server that is built-in. It also works for IIS 6 on Windows Server 2003 for sure. Double check that you have all key pieces in place as outlined here.

Good luck. Let me know how it goes.


Anonymous said...

Just tried with IIS 7.5 also, and I still get null as well...

Anonymous said...

Seems this will not work if using net.tcp binding. In the web.config net.tcp binding must have security set to none, but this will always ensure that username comes in null. Kind of a catch 22 here.

iCoder said...


I thank you so much. After lot of research I found solution in your blog.

Appreciate it very much ....

Anonymous said...

Life Savior. Thank you.

Blogger said...

DreamHost is definitely the best web-hosting company for any hosting services you might need.