发表新帖
发表新帖

WCF Authentication using SQL Membership Provider

后端 未结
关注
2 700
花落未央
花落未央 2020-12-11 10:01

Hopefully you folks can clarify some of this for me. I have a web-application using the Sql Membership Provider and it talks to a second web-application through a WCF Servi

相关标签:
2条回答
  • 無奈伤痛
    2020-12-11 10:21

    I'm assuming your WCF membership provider and your web application membership provider are using the same backend user set.

    If so you would want to share authentication cookies between the applications. You can find more information on how to do that here.

    Next you need to pass the authentication cookie that came with the web application request to the WCF service call. You can see how to do that here.

    The idea is the user logs into your web application and by doing so is logged into your WCF service.

    0 讨论(0)
  • 南旧
    2020-12-11 10:22

    Have a look at "Web to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)" in the links below, I am sure you might find the answer there. There is also the following code which I presume might help:

    app.Context.User = new GenericPrincipal(new
       GenericIdentity(username, "Membership Provider"), roles);

    also:

    NetworkCredential netCred = new NetworkCredential("username", " p@ssw0rd");
asmxwebservice.Service proxy = new asmxwebservice.Service();
proxy.Credentials = netCred;               
proxy.GetData(21, true);

    Otherwise I would sugest go back to basics, so ensure you get the expected authentication and authorization configure to work 100% when using the membership and role providers in a asp client (asp.net applicaiton).

    Then use the same configuration for membership and roles on the WCF service. The only outstanding part then is to make sure the bindings work correctly.

    I have not tried forms authentications yet but have recently achieved implementing windows authentication from a ASP.NET applicaton calling a WCF services hosted in IIS and I have found that a slight mistake in the config file (bindings) could cause your application to break.

    By setting the user context to a generic pricipal you should be able to receive the user details on the WCF service side.

    I foud the answer by reading between the lines in a number of articles so make sure you have a look at the following:

    • Securing Services
    • patterns & practices Improving Web Services Security
    • Web to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)
    • WCF and ASMX Client to Remote WCF Using Transport Security (Original Caller, HTTP)
    • Authorization In WCF-Based Services

    Hope this helps

    0 讨论(0)
 看不清?
提交回复
热议问题