All geek questions in one place

Access to WCF service from a mobile client with user authentication

I am working on a web API that has a website (ASP.NET MVC), WCF service, and mobile interfaces (Android / iPhone), and I have token authentication for the API.

MVC and API have a user ID for user verification, but the WCF service will not have this user ID.

Here I need to have access to the WCF service from a mobile client with security.

Application structure

enter image description here

So, how to check or share user ID using WCF service?

Can I use the same OAuth token in the WCF service to identify the user? or is there any other standard way to do this?

+5
source share
2 answers

I have similar applications. I am adding a token (previously obtained after authentication) using this:

Generic ajax call using jQuery:

$.ajax({ beforeSend: function (request) { request.setRequestHeader("Authority", authorizationToken); }, // Below you set type, url, data, ... });

Here using Cordova + Ionic + Angularjs:

 $http.defaults.headers.common.Authorization = authorizationToken; if ($http.defaults.headers.common.Authorization.Parameter != undefined) { $http.defaults.headers.common.Authorization.Parameter = authorizationToken; }

Hope this helps.

0
source

Given the high-level details, ADFS should be appropriate for your requirement, while authentication can also be achieved for WCF-based services.

See the MSDN manual link below for a detailed approach.

Claims-Based Identification and Access Control Guide

However, I suppose this is a solution for the new requirements, if so, why is the WCF service still needed when the web API can manage external HTTP requests? and given that there is no database interaction through WCF services in a diagram.

0
source

Source: https://habr.com/ru/post/1259223/

More articles:


All Articles