I have a custom IIdentity called MyIdentity, and custom IIprincipal called MyPrincipal. These classes are used in three different projects:
ASP.NET MVC
ASP.NET WebForms
Windows Forms
These three projects get information from a WCF Service.
It is possible in the WCF Service get the custom IIdentity (MyIdentity) and custom IIPrincipal (MyPrincipal) when this is called?
Refer the following articles-
custom identity with wcf,
custom principle with wcf
Related
I have two projects:
An ASP.NET MVC 5.2 Application using ASP.NET Identity 2.2
A WCF Application SOAP XML service.
Note: The WCF service is not hosted by ASP.NET, nor is it running in ASP.NET compatibility mode. A requirement of this project is that it is interface based and ASP.NET compatibility mode does not appear to allow an interface based implementation.
The ASP.NET MVC Application calls the WCF SOAP XML service server side when a user makes a specific action request. However, the WCF service is accessed via the public Internet so in theory anyone could call it if they knew the address. I need to ensure that only ASP.NET Identity registered users who are Administrator role are able to call it. The WCF Application could directly access the database but it doesn't seem like it would be the best solution?
How can I check from the WCF service whether a user is authenticated and authorized in ASP.NET MVC 5.2 using ASP.NET Identity 2.2 using object passing? Which objects or properties should be passed and checked? Is there any other solution? Is it possible to check authentication/authorization with attributes in wcf?
Do you own both, are they in the same domain?
You could interact with a database behind the scenes to generate an auth token, then have the wcf service pass a url with the token back to the user. When the user goes to the site via the tokenized url it checks against the database from the perspective of the ASP app and authenticates. It's a bit asymmetric, but it would handle your use case without getting into domain restrictions.
We are currently developing some new systems to replace parts of several legacy systems.
We have some new WCF web services which will sit alongside existing ASMX web services.
The ASMX web services authenticate via a Soap Header Context object with 4 custom properties including a token (previously generated and returned at login) which are then validated.
We are not re-writing the validation code yet and the login is still being handled by the existing ASMX services, so we are required to call the existing validator passing in a Context object with the 4 properties from the WCF service application.
How do we capture the 4 properties via the WCF service?
A previous WCF project implemented WCFExtras+ to replicate the Soap Header over WCF.
We can do that again but would prefer a native WCF approach.
I have found options such as custom UserNamePasswordValidator or ServiceAuthorizationManager but have been unable to determine how to exactly apply these to our specific requirements.
Is this possible? How?
After much googling I wrote my own custom behaviour using IOperationBehavior, IContractBehavior and IDispatchMessageInspector
I am working on a 3-tier asp.net mvc project and want to build a custom provider for user authentication and authorization based on the default one provided by asp.net. At which tier should the membership provider be implemented?
We currently have a web tier, web service tier and a database tier. The two options I have come up with so far are:
Implement the provider in the web tier. The implementation will call methods exposed by the web service which in turn talks to the database.
Implement the provider in the web service tier. The implementation will talk to the database directly.
Web Tier will be the ideal place to implement membership provider, if you are planning to have only one UI which consumes your services.
I have an MVC4 internet solution which uses the following setup
N Tier Application with Repository Design
Authentication etc all decoupled from UI and on DAL Layer (Accessed via SecurityRepository)
Uses SimpleAuthentication in background
I have been asked to add a WebAPI project to the solution so I can share the datasource, purely for reading some data out to a Winform application internally.
Is it possible to still decorate the Controllers in the API with [Authorize] and call the SecurityRepository.Login method to authenticate a winform? Winforms don't use cookies so not sure how I would supply a token and manage access via roles. I want it to authenticate in the background and not have a login page, ideally seamless to the end user we have switched the current Winform app datasource to point to this WebAPI.
[Edit]
For future searchers, look here too: ASP.NET MVC 4 Web API Authentication with Membership Provider
You will have to change your Authentication for WebApi. The easiest way is to implement token autentication. There is a simple article on Steves Coding Blog about Basic Authentication with Asp.Net WebAPI
I'm building a simple .NET 3.5 Web Application that uses ExtJS 4
I've created ASP.NET Application, added ExtJS to it and did all client-server communication with asmx services.
But I would like to convert them into REST services.
I was looking over the net but didn't found any example.
I have tried to add svc service to my solution, but I don't know which one should I use? Ajax-enabled or WCF Service.
I need only 4 simple operations (for now) in my service:
Get all records,
Create new record
Update record
Delete record
Standard CRUD, but I would like to create it using REST.
How to create a REST service inside ASP.NET Web Application.
How should I name my methods and how to create uri templates for them so
they will work with ExtJS?
How to configure Web.config so that it all will work.
I found this question: REST from asp.net 2.0
but I would like to know how to connect REST with ExtJS.
My questions:How should I add WCF Service (svc) to ASP.NET Application (VS2005, .NET 3.5), how to create methods and configure Web.config to allow communication between ExtJS rest store and webservice.