[WCF]How to supply dedicated credentials for webproxy authentication in WCF client

[WCF]How to supply dedicated credentials for webproxy authentication in WCF client

I’ve found several issue request on how to supply credentials for webproxy(intermediate proxy server) authentication in client application which consumes WCF service. When performing some remote network accessing such as WebRequest call, Webservice call or WCF call, it’s common that the client will need to provide some credentials for the service application’s authentication. However, it is also possible that client need to supply credentials for some intermediate proxy server’s authentication. In .NET framework, the WebRequest and WebService(client proxy) provide “Proxy” property(of System.Net.WebProxy type) that can help supply such credentials. E.g.

HttpWebRequest req = (HttpWebRequest)WebRequest.Create("https://www.msn.com");

req.Proxy.Credentials = CredentialCache.DefaultCredentials;

WebResponse rsp = req.GetResponse();

However, the WCF client proxy(generated via “Add ServiceReference” or svcutil.exe) doesn’t expose such a property. There does exists some configuration entry like below which help specify some network proxy info, but none of them help us explicitly specify a credentials (username/password pair).

=========================

<system.net>

<defaultProxy useDefaultCredentials="true">

<proxy usesystemdefault="False"

<system.serviceModel>

    <bindings>

     <basicHttpBinding>

      <binding name="ServiceSoap"

........................

   useDefaultWebProxy="false"

   bypassProxyOnLocal="false"

   proxyAddress="https://localhost:8888/">

=======================

After some research, I found that the built-in WCF authentication model will rely on the same set of client-side credentials(for service authentication).

ChannelFactory<IService> communication = new ChannelFactory<IService>(binding, endpoint);

//can only set 1 set of Username/Password credential (is used for both the web proxy and the service authentication)

communication.Credentials.UserName.UserName = "user";

communication.Credentials.UserName.Password = "pass";

Then, what if we need to supply different credentials for service and web proxy authentication respectively? Fortunately, there is still a means for us to supply dedicated credentials for web proxy in WCF client code. That’s the “WebRequest.DefaultWebProxy” property. The WCF runtime will acquire proxy setting from WebRequest.DefaultWebProxy property if the <system.net> and WCF <binding> remains useDefaultproxy as “true”.

Thus, our final code will simply work as below:

//first customize the default proxy

WebProxy wproxy = new WebProxy("new proxy",true);

wproxy.Credentials = CredentialCache.DefaultNetworkCredentials;

//or you can construct your own credentials via System.Net.NetworkCredential

WebRequest.DefaultWebProxy = wproxy;

//do WCF calls....

WCFSVC.ServiceClient client = new ConsoleClient.WCFSVC.ServiceClient();

Here are some other threads discussing on this issue:

https://kennyw.com/indigo/143

https://social.msdn.microsoft.com/Forums/en-US/wcf/thread/f2074c0d-4922-402b-8bcb-e653ab04644b/

https://www.groupsrv.com/dotnet/post-908381.html

Hope this helps.