My services are set up to only allow authenticated users access. ig.DataSource seems to use Anonymous access by default. How can I make it pass in the users credentials?
Thanks,
Mike
P.S. For a discussion on how to do this with raw Ajax calls see http://stackoverflow.com/questions/1002179/how-can-i-pass-windows-authentication-to-webservice-using-jquery specifically the suggestion by Maxy-B to use
xhrFields: { withCredentials: true }
Hello Michael,
The igDataSource internally uses $.ajax for remote requests, but doesn't have a mechanism for providing users credentials.
What you can try is to set the xhrFields: { withCredentials: true } in the $.ajaxSetup.
Best regards,Martin PavlovInfragistics, Inc.
I tried that but it didn't seem to work.
I'm using the example from http://help.infragistics.com/doc/jQuery?page=igDataSource_Binding_to_WCF_Data_Services.html
I changed the GetQuoteSymbol function as follows:
function GetQuoteSymbol(symbol) { var url = "SilectStoreService.svc/GetStockQuoteGET?symbol=" + symbol; $.ajaxSetup({ xhrFields: { withCredentials: true } }); ds = new $.ig.DataSource({ callback: render, dataSource: url, schema: quoteSchema }).dataBind(); }
There are no errors, but it also doesn't seem to work. When I look at the Output window, the web service is throwing System.NotSupportedException exceptions. When I break on that exception the debugger reports:
A first chance exception of type 'System.NotSupportedException' occurred in System.ServiceModel.dll
Additional information: The authentication schemes configured on the host ('IntegratedWindowsAuthentication') do not allow those configured on the binding 'WebHttpBinding' ('Anonymous'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the <serviceAuthenticationManager> element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.
Can you tell me how to modify the JS code to work correctly with a web service which requires Windows Authentication?
I think I have figured this out. The solution seems to be mostly in web.config. Define a webHttpBinding as follows:
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding>
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"/>
</security>
</binding>
</webHttpBinding>
</bindings>
It seems to be important to not give the a name to the web binding so it becomes the default. Then you can specify the default webHttpBinding for your service.
<service name="ServiceName" behaviorConfiguration="ServiceBehaviorName">
<endpoint address="" binding="webHttpBinding" contract="Namespace.IService" behaviorConfiguration="EndpointBehaviorName"/>
</service>
With that in place I could properly connect to my web service running under IIS. I didn't even need to specify the withCredentials mentioned above (although I am using raw $.ajax() calls now).
The final piece of the puzzle was to correctly determine the identity of the user calling the web service and that's done using ServiceSecurityContext.Current.WindowsIdentity.
Thank you for sharing the solution with the community!
Good luck!