MDrivenServer with Windows authentication

This article constitutes instructions for configuring the MDrivenServer to use Windows Authentication instead of a password/username as with the default authentication.

MDrivenServer is a web application that has a UI and several WCF services. Authentication differs for web applications and WCF services, but both needs are covered in this article.

The MDrivenServer is mostly used as an integrated part of an MDriven Turnkey installation – but it is equally correct to run clients straight toward MDrivenServer.

In IIS, turn on Windows Authentication:

Server - 1.png

If you do not have the line Windows Authentication, add the role to your IIS server.

Start MDrivenServer and navigate to <yoursite>/AccessFromServer.aspx

Server - 2.png

Press the Use Windows Auth – this makes changes to the web.config sections.

The Web.config has the attribute configSource - it “lifts in” other files doing the actual configuration.

The current configuration parts all reside in the App_Data folder and are called:

WebServices_ActualWFC.config - This is the actual configuration setting up WCF endpoints as being SSL aware or not.

WebServices_SecurityWCFActual.config - This is the actual configuration for WCF bindings and how they should authenticate.

WebServices_SecurityWEBUIActual.config - This is the actual configuration for the web applications authentication mode

All the config parts that have the name Actual in them have two alternatives:

WebServices_ActualWFC.config either has the content from Webservices_NoSSL.config or Webservices_WithSSL.config

WebServices_SecurityWCFActual.config has the content from WebServices_SecurityWCFForms.config or WebServices_SecurityWCFWindows.config

WebServices_SecurityWEBUIActual.config has the content from WebServices_SecurityWEBUIForms.config or WebServices_SecurityWEBUIWindows.config

The buttons Use Forms Auth and Use Windows Auth copy the correct file to WebServices_SecurityWCFActual and WebServices_SecurityWEBUIActual.

The buttons Use SSL setting and Use HttpOnly Setting copy the correct file to WebServices_ActualWFC.

Once you have configured Windows Authentication, you will see your domain name here:

Server - 3.png

To effectively use the services, the caller must be authenticated and authorized.

The authorization is controlled by User Admin (<your site>/admin/UsersAndRolesAdmin.aspx).

Server - 4.png

Check “Admin Require Identification” to stop anyone authenticated from making changes, and check “Services require identification” to stop anyone authorized from accessing the WCF-Services. If you do, you must add the account running the MDrivenServer WebApplication to the list since it must be able to use the WCF services to work.

Assign the role “SuperAdmin” to the app-pool user and the developers you want to control the executed model.

Assign the role “AppUser” to others.

This page was edited 24 days ago on 11/29/2024. What links here