I have ODATA services with one schema. They point to the development database and are served through the WCF data service, which is then used by clients running Excel / Powerpivot to retrieve their own data for reports, etc.
The service is protected at run time through almost the same basic authentication, which is explained here: http://msdn.microsoft.com/en-us/data/gg192997
Now, how it should work in a live environment, sit on the server and connect to various databases based on the username / password entered. Users will enter "username @clientID" and "password". "username @clientID" is then split (), and the username / password is checked against the SQL database. But the URL of the database server to check will be determined by ClientID.
In addition, after authorization, the WCF data service must return data from the database corresponding to the Client identifier.
The approach I tried was to change the connection string in the web.config file, but this does not work because it says the file is read-only. I'm not even sure if that would work at all. I need to have the EDMX / WCF Data service return data from the correct database. Here is what I tried to do:
private static bool TryAuthenticate(string user, string password, out IPrincipal principal) { Configuration myWebConfig = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration("~"); myWebConfig.AppSettings.Settings["test"].Value = "Hello"; myWebConfig.Save(); string newConnStr = myWebConfig.ConnectionStrings.ConnectionStrings["IntelCorpEntities"].ToString(); newConnStr.ToString().Replace("SERGEIX01", "SERVERX01"); myWebConfig.ConnectionStrings.ConnectionStrings["IntelCorpEntities"].ConnectionString = newConnStr; myWebConfig.Save(); if (user.ToLower().Equals("admin") && password.Equals("password")) { principal = new GenericPrincipal(new GenericIdentity(user), new string[] { "Users" }); return true; } else { principal = null; return false; } }
source share