Extend authentication to use custom HTTP header for ticket

I have a WCF WebHttp service that uses authentication to authenticate users. This works great if the ticket is in the cookie collection or in the URL.

But now I want to send the auth ticket string in a custom HTTP header and change the auth module to check this header instead of the cookie.

I think it should be easy to extend forms auth in order to achieve this, but I could not find any resources. Can you point me in the right direction?

Here is how my authentication flow will work:

  • The client calls the authentication method with username and pwd
  • The service returns an encrypted ticket string
  • The client sends the received ticket string in the HTTP header with each subsequent request
  • The service checks the auth header and checks the authorization ticket
+6
2 answers

The FormsAuthentication module is not extensible, but you can write your own authentication. It is very simple:

Authentication (2):

    var formsTicket = new FormsAuthenticationTicket(
        1, login, DateTime.Now, DateTime.Now.AddYears(1), persistent, String.Empty);
    var encryptedFormsTicket = FormsAuthentication.Encrypt(formsTicket);
    // return encryptedFormsTicket string to client

Service call with attached ticket (4):

    var ticket = FormsAuthentication.Decrypt(encryptedFormsTicket);
    // extract authentication info from ticket: ticket.Name
+3
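Added example, not part of either answer: one way to move the "service call" step above into an HTTP module, so every request carrying the ticket header is authenticated before the service code runs. The header name `X-Auth-Ticket` and the class name `HeaderTicketAuthModule` are assumptions, and the sketch assumes IIS hosting with ASP.NET compatibility mode so the service can see `HttpContext.User`.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

// Added example: authenticates requests from a ticket carried in a custom header.
public sealed class HeaderTicketAuthModule : IHttpModule
{
    // Assumed header name; the page does not specify one.
    private const string TicketHeader = "X-Auth-Ticket";

    public void Init(HttpApplication app)
    {
        app.AuthenticateRequest += OnAuthenticateRequest;
    }

    private static void OnAuthenticateRequest(object sender, EventArgs e)
    {
        HttpContext context = ((HttpApplication)sender).Context;
        string encrypted = context.Request.Headers[TicketHeader];
        if (string.IsNullOrEmpty(encrypted))
            return; // no ticket: the request stays anonymous

        FormsAuthenticationTicket ticket = TryDecrypt(encrypted);
        if (ticket == null || ticket.Expired)
            return; // tampered, malformed or expired: stay anonymous

        // Same identity type that forms authentication would produce.
        context.User = new GenericPrincipal(new FormsIdentity(ticket), new string[0]);
    }

    private static FormsAuthenticationTicket TryDecrypt(string encrypted)
    {
        try
        {
            return FormsAuthentication.Decrypt(encrypted);
        }
        catch (Exception ex) when (ex is ArgumentException ||
                                   ex is HttpException ||
                                   ex is CryptographicException)
        {
            return null; // client-controlled input must not turn into a 500
        }
    }

    public void Dispose() { }
}
```

The module has to be registered in web.config before it runs. The header value is a bearer credential, so the endpoint should be reachable only over TLS and the ticket lifetime kept short.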

I'm not sure if this is the way to go (elegance-wise), but what about adding a handler to global.asax.cs for the application's BeginRequest event, reading the string from the header and adding the cookie to the request yourself? (Forms authentication should then pick this up.)

Sort of:

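    protected void Application_BeginRequest()
    {
        // Your code here to read the request header into the cookieText variable
        string cookieText = ReadCookieFromHeader();
        if (string.IsNullOrEmpty(cookieText))
        {
            return; // no ticket header on this request
        }

        var cookieData = FormsAuthentication.Decrypt(cookieText);
        if (cookieData != null && !cookieData.Expired)
        {
            // Forms authentication looks the ticket up under FormsCookieName
            HttpContext.Current.Request.Cookies.Add(
                new HttpCookie(FormsAuthentication.FormsCookieName, cookieText));
        }
    }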

DISCLAIMER: Please note that I did not test this, I just chose a possible approach for you!

+1

Source: https://habr.com/ru/post/912454/

