All geek questions in one place

WCF Authentication Using SQL Membership Provider

I hope you people can clarify some of them for me. I have a web application using the Sql membership provider and it is talking to the second web application through the WCF service. Both applications use the same SAT server of the data provider ... but I need every WCF service call to authenticate the user.

Now I have looked through many examples, but it seems to me that the samples that I saw either do not contain specific code, because this "should" be obvious to me, or I misunderstand how WCF processes the request (see the expected code below) .

I am grateful for any help ...

HERE THAT I ALREADY KNOW HOW TO DO

  • I know how to set up Sql membership at both ends.
  • I know how to configure wsHttpBinding
  • I know how to configure a service certificate used in transport security.

HERE IF I A CONFERENCE

  1. How can I pass a membership password (... you cannot)
  2. Do I skip authentication cookies? If so, how?
  3. Create a "known" username and password that are not associated with the user (yourself)?

ON THE WEB CUSTOMER I EXPECT TO SEE THE CODE, SOMETHING AS IT

protected void btnLogin_Click(object sender, EventArgs e)
{
    // Logging into the web-application is known and easy.
    if (Membership.ValidateUser("MyUserName", "MyPassword"))
    {
        FormsAuthentication.SetAuthCookie("MyUserName", true);
        FormsAuthentication.RedirectFromLoginPage("MyUserName", false);
    }
}

protected ServiceReference1.Contractor getContractor(Int32 key)
{
    // I expect something "like" this on the client call.
    MembershipUser user = Membership.GetUser("MyUserName");

    ServiceReference1.FishDataClient wcfService = new ServiceReference1.FishDataClient();

    // You can't retreive the users password directly,
    // nor can you get the hash from the SqlMembershipProvider.
    wcfService.ChannelFactory.Credentials.UserName.UserName = user.UserName;
    // So doing something like this would not be possible.
    wcfService.ChannelFactory.Credentials.UserName.Password = "??????";

    // So how is the web service going to authenticate the user from it's
    // references to the same SqlMembershipProvider (database).
    ServiceReference1.Contractor contractor = wcfService.GetContractor(key);

    wcfService.Close();
    wcfService = null;

    return contractor;
}

IN THE WCF SERVICE I EXPECTED TO SEE THE CODE, SOMETHING AS IT

[PrincipalPermission(SecurityAction.Demand, Role = "User")]
public Contractor GetContractor(Int32 key)
{
    ServiceSecurityContext context = ServiceSecurityContext.Current;
    Contractor contractor = new Contractor();

    // What goes here?  I would expect something like this...
    if (Membership.ValidateUser("???????", "???????"))
        contractor.Get(key);

    return contractor;
}
+3
source share
2 answers

I assume that your WCF membership provider and web application membership provider use the same basic set of users.

. , .

, - WCF. , .

, - , , WCF.

+1

"Web to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)" , , . , , , :

app.Context.User = new GenericPrincipal(new
       GenericIdentity(username, "Membership Provider"), roles);


NetworkCredential netCred = new NetworkCredential("username", " p@ssw0rd");
asmxwebservice.Service proxy = new asmxwebservice.Service();
proxy.Credentials = netCred;               
proxy.GetData(21, true);

, , 100% asp- (asp.net applicaiton).

WCF. - , .

, Windows ASP.NET, WCF, IIS, , () , .

, WCF.

, , , :

,

0

Source: https://habr.com/ru/post/1758971/

More articles:


All Articles