StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>It sounds like you're looking for the <a href="http://msdn.microsoft.com/en-us/library/bb386582.aspx" rel="nofollow noreferrer">Windows Communication Foundation Authentication Service</a>.</p> <p><strong>EDIT:</strong></p> <p>After re-reading the question more carefully (and after Ariel's comment) I'd like to retract the above suggestion. The WCF Authentication Service won't add much to this scenario.</p> <p>I haven't done this between WCF and ASP.NET, however I have configured ASP.NET applications to share forms authenticated users, perhaps I can help in some way.</p> <p>To ensure that both applications can encrypt/decrypt the forms authentication cookie in the same way you should <a href="http://msdn.microsoft.com/en-us/library/ms998288.aspx" rel="nofollow noreferrer">configure the <code><machineKey></code> element</a> for both applications (in web.config or machine.config depending on whether you want to do this at the machine or application level). You should look at the <code>validation</code>, <code>validationKey</code>, <code>decryption</code> and <code>decryptionKey</code> attributes.</p> <p>Ensure that your <code><forms></code> elements in both web.config files are configured similarly. Specifically the <code>name</code>, <code>path</code> and <code>domain</code> attributes.</p> <p>It's likely that this only applies to cookies passed to/from a web browser (but may be useful in this case): To allow cookies to be passed between the websites <em>www.foo.com</em> and <em>bar.foo.com</em> you would configure the <code>forms</code> element as follows to allow cookies to be set on one site and successfully passed to the other:</p> <pre><code><forms ... domain=".foo.com" ... /> </code></pre> <p>Passing the cookie to the WCF service is likely to be the tricky bit. I'm not very experienced with WCF, so <a href="http://kennyw.com/indigo/153" rel="nofollow noreferrer">I've adapted code from kennyw.com</a>:</p> <pre><code>HttpRequestMessageProperty httpRequestProperty = new HttpRequestMessageProperty(); httpRequestProperty.Headers.Add(HttpRequestHeader.Cookie, "<Forms Authentication Cookie>"); using (OperationContextScope scope = new OperationContextScope(serviceClient.InnerChannel)) { OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpRequestProperty; serviceClient.MethodName(); } </code></pre> <p>If you're hosting WCF within IIS (and not self-hosting) you can pass the WCF request through the ASP.NET processing pipeline by setting </p> <pre><code><system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" ... /> </system.serviceModel> </code></pre> <p>If you're self hosting you could examine the request headers using the incoming message's properties in <code>OperationContext.Current.IncomingMessageProperties</code> and get the forms authentication cookie value and decrypt it using <a href="http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.decrypt.aspx" rel="nofollow noreferrer"><code>FormsAuthentication.Decrypt(string)</code></a>.</p> <p>I have no idea whether any of this would work, but would love to hear if it does!</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload