WCF: Determining Caller Identity within WCF Web Services (Part 2 of 4)
Summary: Learn to authenticate users in Microsoft SharePoint Foundation 2010 in this four-part series. Learn to determine the identity of the caller of a Windows Communication Foundation (WCF) web service that you consume as an external content type from Microsoft Business Connectivity Services (BCS).
Available in SharePoint Online
Applies to: Business Connectivity Services | Office 2010 | Open XML | SharePoint Designer 2010 | SharePoint Foundation 2010 | SharePoint Online | SharePoint Server 2010 | Visual Studio
Provided by: Eric White, Microsoft Corporation | Saji Varkey, Microsoft Corporation | Bin Zhang, Microsoft Corporation
Contents
Introduction
Building the Example
Conclusion
Additional Resources
This article is the second in a four-part series of articles that show how to create and implement a claims-aware web service by using Business Connectivity Services.
WCF: Building WCF Web Services for SharePoint 2010 Business Connectivity Services (Part 1 of 4)
WCF: Determining Caller Identity within WCF Web Services (Part 2 of 4) (This article)
Introduction
Windows Identity Foundation (WIF) gives you much more control over your identity logic. You can use WIF to determine the identity of the caller from inside a web service. The example that is presented in this article enhances the example that is presented in the previous article in the series, WCF: Building WCF Web Services for SharePoint 2010 Business Connectivity Services (Part 1 of 4), to determine caller identity. With each call to the web service, it appends the identity of the user calling the web service to a log file. You can then examine the log file to see caller identity.
Building the Example
To build the example
Download and install Windows Identity Foundation. Install WIF on the same computer where you built the Windows Communication Foundation (WCF) web service.
To build the web service, open the project that you created in the first article in the series, WCF: Building WCF Web Services for SharePoint 2010 Business Connectivity Services (Part 1 of 4).
Add a reference to the Microsoft.IdentityModel assembly. In Microsoft Visual Studio 2010 or Visual Studio 2008, click Project, and then click Add Reference.
Click the Browse tab. Browse to %ProgramFiles%\Reference Assemblies\Microsoft\Windows Identity Foundation\v3.5.
Figure 1. Location of the Windows Identity Foundation assemblies
Select Microsoft.IdentityModel.dll, and then click OK.
Figure 2. Select the Windows Identity Foundation DLL
Replace the contents of Customers.svc.cs with the following code.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Microsoft.IdentityModel.Claims;

namespace CustomersService
{
    public class Customers : ICustomers
    {
        // Claim types are identifiers compared as strings, so the scheme must be
        // "http", exactly as SharePoint issues it.
        private const string IdentityClaimType =
            @"http://schemas.microsoft.com/sharepoint/2009/08/claims/userid";

        private string GetIdentity()
        {
            string identityName = String.Empty;
            IClaimsIdentity claimsIdentity =
                System.Threading.Thread.CurrentPrincipal.Identity as IClaimsIdentity;
            if (claimsIdentity != null)
            {
                // Claims-based caller: look for the SharePoint user ID claim.
                foreach (Claim claim in claimsIdentity.Claims)
                {
                    if (String.Equals(IdentityClaimType, claim.ClaimType,
                        StringComparison.OrdinalIgnoreCase))
                    {
                        identityName = claim.Value;
                        break;
                    }
                }
            }
            else
            {
                // Not a claims identity: fall back to the identity name.
                identityName = System.Threading.Thread.CurrentPrincipal.Identity.Name;
            }
            return identityName;
        }

        // Finder
        public List<Customer> GetAllCustomers()
        {
            string id = GetIdentity();
            File.AppendAllText(@"C:\MyWebService\log.txt",
                string.Format("GetAllCustomers: Identity: {0}", id) + Environment.NewLine);
            return new List<Customer>()
            {
                new Customer { CustomerID = 1, CustomerName = "Bob", },
                new Customer { CustomerID = 2, CustomerName = "Bill", },
                new Customer { CustomerID = 3, CustomerName = "Cheryl", },
            };
        }

        // Specific finder
        public Customer GetCustomerByID(int CustomerID)
        {
            string id = GetIdentity();
            File.AppendAllText(@"C:\MyWebService\log.txt",
                string.Format("GetCustomerByID: Identity: {0}", id) + Environment.NewLine);
            return GetAllCustomers().FirstOrDefault(c => c.CustomerID == CustomerID);
        }
    }
}
Rebuild the application. Because it is hosted by using Internet Information Services, we do not need to do anything for the rebuilt service to be active.
Use wcftestclient to exercise the web service.
Start a Visual Studio command prompt.
Type wcftestclient to run the WCF test client.
Click File, and then click Add Service.
Type https://localhost/Customers/Customers.svc as the endpoint address, and then click OK.
Figure 3. Typing the endpoint address in the WCF test client
If you added the service successfully, you see the methods that the service exposes.
Figure 4. WCF test client showing methods
Double-click the GetAllCustomers method. This opens a window that lets you configure the request and invoke the request.
Click Invoke to invoke the GetAllCustomers method.
Figure 5. Data in the WCF test client
After invoking the web service, browse to C:\MyWebService, and examine log.txt. The log file resembles the following:
GetAllCustomers: Identity: CONTOSO\ericwhite
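The logging step above, reworked as an added example that is not part of the original article's code: it neutralizes control characters in the identity value before writing it, records the claim issuer and authentication state, and serializes appends. The CallerLog class, its member names and the log line layout are hypothetical; unlike the article's GetIdentity, it falls back to Identity.Name when the userid claim is absent.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading;
using Microsoft.IdentityModel.Claims;

namespace CustomersService
{
    // Added example: hypothetical helper, not part of the article's service.
    internal static class CallerLog
    {
        private const string IdentityClaimType =
            "http://schemas.microsoft.com/sharepoint/2009/08/claims/userid";
        private const string LogPath = @"C:\MyWebService\log.txt";
        private static readonly object Gate = new object();

        // Replace control characters (CR, LF, tab, ...) so a value cannot start a new log line.
        internal static string Neutralize(string value)
        {
            if (String.IsNullOrEmpty(value)) return "(empty)";
            var sb = new StringBuilder(value.Length);
            foreach (char c in value)
                sb.Append(Char.IsControl(c) ? '_' : c);
            return sb.ToString();
        }

        // Append one line per call: timestamp, operation, identity, issuer, auth state.
        internal static void Write(string operation)
        {
            var identity = Thread.CurrentPrincipal.Identity;
            string name = identity.Name, issuer = "(none)";
            var claimsIdentity = identity as IClaimsIdentity;
            if (claimsIdentity != null)
            {
                Claim userId = claimsIdentity.Claims.FirstOrDefault(c =>
                    String.Equals(IdentityClaimType, c.ClaimType, StringComparison.OrdinalIgnoreCase));
                if (userId != null) { name = userId.Value; issuer = userId.Issuer; }
            }
            string line = String.Format("{0:o} {1}: Identity: {2} Issuer: {3} Authenticated: {4}",
                DateTime.UtcNow, operation, Neutralize(name), Neutralize(issuer), identity.IsAuthenticated);
            lock (Gate) // IIS serves requests concurrently; serialize appends within this process
            {
                File.AppendAllText(LogPath, line + Environment.NewLine);
            }
        }
    }
}
```

Calling CallerLog.Write("GetAllCustomers") from a service method takes the place of the GetIdentity and File.AppendAllText pair in that method.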
Conclusion
In this article, you completed the second of four major steps towards creating a claims-aware web service and consuming it by using Business Connectivity Services. You improved the web service that you created in WCF: Building WCF Web Services for SharePoint 2010 Business Connectivity Services (Part 1 of 4), adding code that uses WIF to determine caller identity and writes the identity to a log file. In the next article, WCF: Establishing Trust Between WCF Web Services and SharePoint 2010 Security Token Service (Part 3 of 4), you follow procedures to establish trust between the web service and the SharePoint 2010 security token service (STS).
Additional Resources
Developer Center: Windows Identity Foundation Developer Center
Download: Windows Identity Foundation
Developer Center: SharePoint Developer Center
Blog: Eric White's Blog