ASP.NET Membership Provider authentication not working authenticating WCF Service
<p>I have a SqlMembershipProvider store with Roles enabled. This is configured and has the user "devtest" in the roles "xxUser" and "xxAdmin".</p>
<p>I also have a WCF service, which I want to authenticate and authorize against. My problem is that:</p>
<ol>
<li>the authorisation is not happening, code just executes despite the policy attribute</li>
<li>I don't get any identity or security context so do not know who is calling the service</li>
</ol>
<p>I need:</p>
<ol>
<li>to know which user is calling the method</li>
<li>some degree of rejecting users if permissions don't match up (ideally this should be performed within the RoleProvider/MembershipProvider/WCF but can do it myself if I have to)</li>
<li>SSL in transport</li>
</ol>
<p>I have my service contract set up thus:</p>
<pre><code>[ServiceContract]
public interface ISupportService
{
    [OperationContract]
    [PrincipalPermission(SecurityAction.Demand, Role = "ThisRoleDoesNotExist")]
    List&lt;BaseInterestRate&gt; GetAllBaseInterestRates();
}
</code></pre>
<p>The code is simple enough:</p>
<pre><code>public class SupportService : ISupportService
{
    public List&lt;BaseInterestRate&gt; GetAllBaseInterestRates()
    {
        OperationContext operationContext = OperationContext.Current;
        ServiceSecurityContext serviceSecurityContext = ServiceSecurityContext.Current; // is always null

        using (xxxEntities entities = new xxxEntities())
        {
            return new List&lt;BaseInterestRate&gt;(entities.BaseInterestRates);
        }
    }
}
</code></pre>
<p>My service configuration is thus:</p>
<pre><code>&lt;behaviors&gt;
  &lt;serviceBehaviors&gt;
    &lt;behavior name="SupportServiceBehavior"&gt;
      &lt;serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" /&gt;
      &lt;serviceDebug includeExceptionDetailInFaults="false" /&gt;
      &lt;serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="AspNetSqlRoleProvider" /&gt;
      &lt;serviceCredentials&gt;
        &lt;userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="SqlMembershipProvider" /&gt;
      &lt;/serviceCredentials&gt;
    &lt;/behavior&gt;
    &lt;behavior&gt;
      &lt;serviceMetadata httpGetEnabled="true"/&gt;
      &lt;serviceDebug includeExceptionDetailInFaults="false"/&gt;
    &lt;/behavior&gt;
  &lt;/serviceBehaviors&gt;
&lt;/behaviors&gt;
&lt;serviceHostingEnvironment multipleSiteBindingsEnabled="true" /&gt;
</code></pre>
<p>Having already configured the MembershipProvider:</p>
<pre><code>&lt;membership defaultProvider="SqlMembershipProvider" &gt;
  &lt;providers&gt;
    &lt;clear/&gt;
    &lt;add name="SqlMembershipProvider" connectionStringName="SqlMembershipProvider" applicationName="xxx" type="System.Web.Security.SqlMembershipProvider" /&gt;
  &lt;/providers&gt;
&lt;/membership&gt;
&lt;roleManager enabled="true"&gt;
  &lt;providers&gt;
    &lt;clear /&gt;
    &lt;add connectionStringName="SqlMembershipProvider" applicationName="xxx" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" /&gt;
    &lt;add applicationName="xxx" name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" /&gt;
  &lt;/providers&gt;
&lt;/roleManager&gt;
</code></pre>
<p>I have followed the instructions at these pages to the letter:</p>
<ul>
<li><a href="http://msdn.microsoft.com/en-us/library/ff648806.aspx" rel="nofollow">How to: Use the SQL Server Role Provider with Windows Authentication in WCF Calling from Windows Forms (MSDN)</a></li>
<li><a href="http://msdn.microsoft.com/en-us/library/ff650751.aspx" rel="nofollow">How to: Create and Install Temporary Client Certificates in WCF During Development (MSDN)</a></li>
<li><a href="http://msdn.microsoft.com/en-us/library/ff648840.aspx" rel="nofollow">How to: Use wsHttpBinding with Username Authentication and TransportWithMessageCredentials in WCF Calling from Windows Forms (MSDN)</a></li>
<li>Also quite useful found via SO: <a href="http://www.codewrecks.com/blog/index.php/2009/09/08/use-aspnet-membership-provider-with-a-wcf-svc-service/1.1.2." rel="nofollow">Use Asp.Net Membership provider with a WCF .svc service (Alkampfer's Place)</a></li>
</ul>
<p>I would at least expect an issue with certificates/transport/etc. to fail with exceptions, but I can debug right in and over the WCF call. I have no security context/user context available to me and when I use a user not in the two mentioned roles (which I do in the code example above), I don't get "kicked out".</p>
<p>My client app is currently a Web App, but will ultimately also serve a Windows Forms app and Test suite. I'm currently using the ASP.NET WebDev server and am running .NET 4.0.</p>
<p>Am I missing something?</p>
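An added configuration example, not part of the original post: the `<system.serviceModel>` pieces the question does not show, namely a `<service>` element that attaches the named behavior and a binding that actually carries a username credential. The namespace `MyCompany.Services` and the binding name `SecureUserName` are hypothetical; the behavior and provider names are the ones from the question.

```xml
<!-- Added example. "MyCompany.Services" and "SecureUserName" are hypothetical
     names; the behavior and provider names are taken from the question. -->
<system.serviceModel>
  <bindings>
    <wsHttpBinding>
      <binding name="SecureUserName">
        <!-- HTTPS protects the channel; the username and password travel in
             the SOAP message and are checked by the membership provider. -->
        <security mode="TransportWithMessageCredential">
          <message clientCredentialType="UserName" />
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>
  <services>
    <!-- name must be the fully qualified implementation type. If no <service>
         element matches, WCF 4.0 adds default endpoints and applies only the
         unnamed <behavior>, so the named behavior below is never used. -->
    <service name="MyCompany.Services.SupportService"
             behaviorConfiguration="SupportServiceBehavior">
      <endpoint address=""
                binding="wsHttpBinding"
                bindingConfiguration="SecureUserName"
                contract="MyCompany.Services.ISupportService" />
    </service>
  </services>
  <behaviors>
    <serviceBehaviors>
      <behavior name="SupportServiceBehavior">
        <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
        <serviceDebug includeExceptionDetailInFaults="false" />
        <!-- Populates the thread principal from the ASP.NET role provider so
             PrincipalPermission demands have roles to check against. -->
        <serviceAuthorization principalPermissionMode="UseAspNetRoles"
                              roleProviderName="AspNetSqlRoleProvider" />
        <serviceCredentials>
          <userNameAuthentication
              userNamePasswordValidationMode="MembershipProvider"
              membershipProviderName="SqlMembershipProvider" />
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>
</system.serviceModel>
```

A `PrincipalPermission` demand is evaluated on the method it decorates, so it belongs on the `SupportService.GetAllBaseInterestRates` implementation rather than on the interface member. `TransportWithMessageCredential` requires an HTTPS endpoint, which the ASP.NET Development Server does not provide, so this configuration needs IIS or another host with a server certificate.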
 
