This article constitutes instructions for configuring the MDrivenServer to use Windows Authentication instead of password/username as with the default authentication.
MDrivenServer is a web application that has a UI and several WCF services. Authentication differs for web applications and WCF services, but both needs are covered in this article.
The MDrivenServer is mostly used as an integrated part of an MDriven Turnkey installation – but it is equally correct to run clients straight toward MDrivenServer.
In IIS, turn on Windows Authentication:
If you do not have the line Windows Authentication, add the role to your IIS server.
Start MDrivenServer and navigate to <yoursite>/AccessFromServer.aspx
Press the Use Windows Auth – this makes changes to the web.config sections.
The Web.config has the attribute configSource - it “lifts in” other files doing the actual configuration.
The current configuration parts all reside in the App_Data folder and are called:
WebServices_ActualWFC.config - This is the actual configuration setting up WCF endpoints as being SSL aware or not.
WebServices_SecurityWCFActual.config - This is the actual configuration for WCF bindings and how they should authenticate.
WebServices_SecurityWEBUIActual.config - This is the actual configuration for the web applications authentication mode
All the config parts that have the name Actual in them have two alternatives:
WebServices_ActualWFC.config either has the content from Webservices_NoSSL.config or Webservices_WithSSL.config
WebServices_SecurityWCFActual.config has the content from WebServices_SecurityWCFForms.config or WebServices_SecurityWCFWindows.config
WebServices_SecurityWEBUIActual.config has the content from WebServices_SecurityWEBUIForms.config or WebServices_SecurityWEBUIWindows.config
The buttons Use Forms Auth
and Use Windows Auth
copy the correct file to WebServices_SecurityWCFActual and WebServices_SecurityWEBUIActual.
The buttons Use SSL setting
and Use HttpOnly Setting
copy the correct file to WebServices_ActualWFC.
Once you have configured Windows Authentication, you will see your domain name here:
To effectively use the services, the caller must be authenticated and authorized.
The authorization is controlled by User Admin (<your site>/admin/UsersAndRolesAdmin.aspx).
Check “Admin Require Identification” to stop anyone authenticated from making changes, and check “Services require identification” to stop anyone authorized from accessing the WCF-Services. If you do, you must add the account running the MDrivenServer WebApplication to the list since it must be able to use the WCF services to work.
Assign the role “SuperAdmin” to the app-pool user and the developers you want to control the executed model.
Assign the role “AppUser” to others.