Databases
StackOverflow2013
Postsdbo
PONeed Authenticated WCF REST Architecture Advice
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PONeed Authenticated WCF REST Architecture Advice
    text
    copied!<p>I've been doing so much researching and reading that my head is spinning with options. What I want to do is to create a WCF service that will contain data access and business logic using roles-based authentication. I want to consume this service from a JavaScript application that uses KendoUI. I do have message-based security working and I have the SqlMembershipProvider and SqlRoleProvider working in a sample WCF service. It works fine when accessed from another .NET application; where I'm getting really confused is in the best way to access it RESTfully with JavaScript.</p> <p>From what I've read so far, it sounds like going directly from JS to WCF REST might not be the easiest or best supported path. A lot of REST-related extensions for WCF have been deprecated (e.g. WCF REST Starter Kit is deprecated; WCF Web API recently became the ASP.NET Web API, no more reference to WCF?). Since it looks like the "official" way to do REST is with the ASP.NET Web API and the ASP.NET Web API is now part of ASP.NET MVC, that makes me think that maybe I should set up my architecture with an ASP.NET MVC application that serves up pages with KendoUI code in them that would make RESTful calls to the MVC app, which would then forward calls to the WCF service. I could use the technique described in <a href="https://stackoverflow.com/questions/5237162/authentication-with-an-soa-approach-using-c-sharp">this answer</a> to implement a custom MembershipProvider that the MVC app would use with Forms Authentication to centralize the authorization/authentication logic in the WCF service while making it fully integrated in the MVC layer as well as taking advantage of the features of ASP.NET Forms Authentication (e.g. automatic redirection and cookies).</p> <p>To recap, the important parts to me are: 1. an authenticating, role-aware WCF service, and 2. accessing its methods from a JavaScript application in the simplest way possible. I want to take advantage of built-in or out-of-the-box functionality as much as possible. Is the architecture I proposed above sane? Is it as simple as I can get it, or is there a simpler way than this?</p> <p>Many thanks, Adam</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload