stackoom
  简体   繁体   中英

ASP.NET Client Application Services Authentication and WCF

 原文  2012-12-20 11:37:17       wcf/ .net-4.0/ forms-authentication/ asp.net-4.0

Question

I have a WPF application that uses Client Application Services to allow authentication (username/password logon) against a related web application that uses Forms authentication and the SqlMembershipProvider/SqlProfileProvider/SqlRoleProvider. This all works and I can reliably validate a user/password combination.

The WPF application also calls a number of WCF services that are exposed by the same web application as is used for the CAS authentication. I now want to be able to pass through the authentication details (from Client Application Services) to the WCF services in order that I can identify the user that was authenticated within those services. I also need to be able to prevent the WCF services from being used if no authentication has taken place.

I have found a couple of .NET 3.5 examples where CAS authentication is used against .asmx web services, or authentication is provided against WCF Data Services which does not use ClientBase and has authentication facilities built in, but I cannot find any examples with pure WCF. Can anybody point me toward instruction that will enable this scenario? I am using .NET 4.0 for this project.

I have also found this stackoverflow question but again this is answered for .asmx web services and not for WCF.

The closest I have gotten involves the creation of an OperationContextScope and then copying the cookie header from the ClientFormsIdentity object to an HttpRequestMessageProperty and adding this to the OutgoingMessageProperties of the current OperationContext . I then call one or more methods of the service within the lifespan of the OperationContextScope . Thing is, when I then get to the WCF service, I still cannot see anything that resembles authentication in such a way as I can identify the original user. This methodology has been taken from various examples but I am obviously missing a step at the WCF end.

2 answers

solution1
 1  2012-12-20 20:30:57

I think you need to switch to the Web API that Microsoft is now having people use for WCF Services. Check out Using Forms Authentication with Web API and http://aamirposwal.blogspot.com/2012/05/aspnet-web-api-custom-authorize-and.html

solution2
 0 ACCPTED  2012-12-21 13:58:04

Found it.

In my binding, I specified allowCookies="true".

According to Wiktor Zychla , "setting the AllowCookies property on a BasicHttpBinding to true turns on the automatic cookie management" - this means that any attempt to set a cookie in code will be ignored and this is what I was doing.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question WCF Client in ASP.NET Application Hosting WCF Services in ASP.NET MVC Web Application Creating/Exposing WCF services from an existing ASP.NET application Calling WCF Services in ASP.NET MVC application WCF/ASP.NET Authentication Asp.Net Web Application authentication using WCF Service WCF hosted within ASP.NET application and Windows Authentication? WCF ChannelFactory and Channel caching in ASP.NET client application How to use WCF client in ASP.NET application? wcf with asp.NET application
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM