Databases
StackOverflow2013
Postsdbo
POAuthenticated WCF: Getting the Current Security Context
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POAuthenticated WCF: Getting the Current Security Context
    text
    copied!<p>I have the following scenario: </p> <ul> <li>I have various user's data stored in my database.</li> <li>This data was entered via a web app. </li> <li>We'd like to expose this data back to the user over a web service so that they can integrate their data with their applications.</li> <li>We would also like to expose some business logic over these services. As such <strong><em>we do not want to use OData.</em></strong></li> <li>This is a multi-tenant application so I only want to expose <em>their</em> data back to them and not other users. Likewise, the business logic we expose should be relative to the authenticated user.</li> </ul> <p>I would like let the user use an OASIS scheme to authenticate with the web service -- WCF already allows for this out of the box as far as I understand -- or perhaps we can issue them certificates to authenticate with. That bit hasn't really been worked out yet.</p> <p>Here is a bit of pseudo-code of how I envision this would work within the service:</p> <pre><code>function GetUsersData(id) var user := Lookup User based on Username from Auth Context var data := Get Data From Repository based on "user" return data end function </code></pre> <p>For the business logic scenario I think it would look something like this:</p> <pre><code>function PerformBusinessLogic(someData) var user := Lookup User based on Username from Auth Context var returnValue := Perform some logic based on supplied data return returnValue end function </code></pre> <p><strong>The hard bit here is getting the current username (or cert info in the cert scenario) that the user authenticated with!</strong> </p> <p>Does WCF even enable this scenario? If not would WSE3 enable this?</p> <p>Thanks,</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload