With custom UserNamePasswordValidator, can I kill the user's WPF “session”?

Question

I\'m using a custom UserNamePasswordValidator, which instantiates and logs in to our internal API.

This API exposes an event that\'s fired when the user is \"kicked\" (b

Answer 1

If you expect that service will authenticate each user call with user name and password than you can have any code in your validator. But if you expect using per session service instancing you will probably also use security context (security session). In that case only first request is authenticated by validator and subsequent request are authenticated by token generated during establishing security context.

Edit:

Each running service is represented by InstanceContext class. If you have PerSession services the InstanceContext is same for each call. If you store reference to InstanceContext somewhere you should be able to release instance and close session - I have never tryed but it should be possible.