使用SQL成员资格提供程序的WCF身份验证 [英] WCF Authentication using SQL Membership Provider
问题描述
希望你们能为我澄清一些问题.我有一个使用Sql Membership Provider的Web应用程序,它通过WCF服务与第二个Web应用程序通信.这两个应用程序共享相同的Sql Membership Provider数据存储库...但是我需要每个WCF服务调用来对用户进行身份验证.
Hopefully you folks can clarify some of this for me. I have a web-application using the Sql Membership Provider and it talks to a second web-application through a WCF Service. Both applications share the same Sql Membership Provider datastore...but I need each WCF Service call to authenticate the user.
现在,我看了很多示例,但是我觉得我看到的示例要么遗漏了某些代码,因为它对我来说应该显而易见",或者我误解了WCF如何处理请求. (请参见下面的预期代码).
Now, I've looked at a LOT of samples, but I feel like the samples I've seen either leave out certain code because it "should" be obvious to me, or I mis-understand how WCF handles the request (see expected code below).
感谢您的帮助...
我已经知道该怎么做
- 我知道如何在两端配置Sql Membership.
- 我知道如何设置wsHttpBinding
- 我知道如何设置运输安全中使用的服务证书
我对这里的困惑
- 我如何通过会员密码(...不能)
- 我是否通过身份验证cookie?如果可以,怎么办?
- 我是否创建与用户(自己)无关的已知"用户名和密码?
在Web客户中,我希望能看到类似这样的代码
protected void btnLogin_Click(object sender, EventArgs e)
{
// Logging into the web-application is known and easy.
if (Membership.ValidateUser("MyUserName", "MyPassword"))
{
FormsAuthentication.SetAuthCookie("MyUserName", true);
FormsAuthentication.RedirectFromLoginPage("MyUserName", false);
}
}
protected ServiceReference1.Contractor getContractor(Int32 key)
{
// I expect something "like" this on the client call.
MembershipUser user = Membership.GetUser("MyUserName");
ServiceReference1.FishDataClient wcfService = new ServiceReference1.FishDataClient();
// You can't retreive the users password directly,
// nor can you get the hash from the SqlMembershipProvider.
wcfService.ChannelFactory.Credentials.UserName.UserName = user.UserName;
// So doing something like this would not be possible.
wcfService.ChannelFactory.Credentials.UserName.Password = "??????";
// So how is the web service going to authenticate the user from it's
// references to the same SqlMembershipProvider (database).
ServiceReference1.Contractor contractor = wcfService.GetContractor(key);
wcfService.Close();
wcfService = null;
return contractor;
}
在WCF服务中,我希望看到类似的代码
[PrincipalPermission(SecurityAction.Demand, Role = "User")]
public Contractor GetContractor(Int32 key)
{
ServiceSecurityContext context = ServiceSecurityContext.Current;
Contractor contractor = new Contractor();
// What goes here? I would expect something like this...
if (Membership.ValidateUser("???????", "???????"))
contractor.Get(key);
return contractor;
}
推荐答案
我假设您的WCF成员资格提供程序和Web应用程序成员资格提供程序正在使用相同的后端用户集.
I'm assuming your WCF membership provider and your web application membership provider are using the same backend user set.
如果是这样,您希望在应用程序之间共享身份验证cookie.您可以在此处中找到有关如何执行此操作的更多信息.
If so you would want to share authentication cookies between the applications. You can find more information on how to do that here.
接下来,您需要将Web应用程序请求随附的身份验证cookie传递给WCF服务调用.您可以在此处.
Next you need to pass the authentication cookie that came with the web application request to the WCF service call. You can see how to do that here.
这个想法是用户登录到您的Web应用程序,然后登录到您的WCF服务.
The idea is the user logs into your web application and by doing so is logged into your WCF service.
这篇关于使用SQL成员资格提供程序的WCF身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
