Databases
StackOverflow2013
Postsdbo
POASP.NET Client Application Services Authentication and WCF
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POASP.NET Client Application Services Authentication and WCF
    text
    copied!<p>I have a WPF application that uses Client Application Services to allow authentication (username/password logon) against a related web application that uses Forms authentication and the SqlMembershipProvider/SqlProfileProvider/SqlRoleProvider. This all works and I can reliably validate a user/password combination.</p> <p>The WPF application also calls a number of WCF services that are exposed by the same web application as is used for the CAS authentication. I now want to be able to pass through the authentication details (from Client Application Services) to the WCF services in order that I can identify the user that was authenticated within those services. I also need to be able to prevent the WCF services from being used if no authentication has taken place.</p> <p>I have found a couple of .NET 3.5 examples where CAS authentication is used against .asmx web services, or authentication is provided against WCF Data Services which does not use ClientBase and has authentication facilities built in, but I cannot find any examples with pure WCF. Can anybody point me toward instruction that will enable this scenario? I am using .NET 4.0 for this project.</p> <p>I have also found <a href="https://stackoverflow.com/questions/2961277/how-to-use-client-application-services-with-wcf">this stackoverflow question</a> but again this is answered for .asmx web services and not for WCF.</p> <p>The closest I have gotten involves the creation of an <code>OperationContextScope</code> and then copying the cookie header from the <code>ClientFormsIdentity</code> object to an <code>HttpRequestMessageProperty</code> and adding this to the <code>OutgoingMessageProperties</code> of the current <code>OperationContext</code>. I then call one or more methods of the service within the lifespan of the <code>OperationContextScope</code>. Thing is, when I then get to the WCF service, I still cannot see anything that resembles authentication in such a way as I can identify the original user. This methodology has been taken from various examples but I am obviously missing a step at the WCF end.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload