WCF,ASP.NET成员资格提供验证服务 [英] WCF, ASP.NET Membership Provider and Authentication Service
问题描述
我已经写了一个Silverlight 2应用程序与WCF服务(basicHttpBinding的)通信。该网站托管Silverlight内容是使用ASP.NET成员资格提供保护。我可以访问我的WCF服务使用HttpContext.Current.User.Identity.Name当前用户,我打开了AspNetCompatibilityRequirementsMode。
I have written a Silverlight 2 application communicating with a WCF service (BasicHttpBinding). The site hosting the Silverlight content is protected using a ASP.NET Membership Provider. I can access the current user using HttpContext.Current.User.Identity.Name from my WCF service, and I have turned on AspNetCompatibilityRequirementsMode.
我现在想写使用完全相同的Web服务的Windows应用程序。为了处理身份验证我已经启用了验证服务,并可以调用登录验证我的用户...奥基,都好......但是到底如何做,我得到了验证cookie在我的其他服务客户端设置?
I now want to write a Windows application using the exact same web service. To handle authentication I have enabled the Authentication service, and can call "login" to authenticate my user... Okey, all good... But how the heck do I get that authentication cookie set on my other service client?!
这两种服务都托管在同一个域中
Both services are hosted on the same domain
- MyDataService.svc< - 一个处理我的数据
- AuthenticationService.svc< - 一个应用程序有窗户打电话来验证 。
我不希望Windows客户端创建一个新的服务,或者使用另一种结合...
I don't want to create a new service for the windows client, or use another binding...
客户端应用程序服务是另一种选择,但所有的例子仅限于说明如何获取用户,角色和他的个人资料......但是一旦我们使用客户端应用程序服务正在验证应该有一种方式来获得回调到同一服务器时身份验证cookie贴在我的客户端提供服务。
The Client Application Services is another alternative, but all the examples is limited to show how to get the user, roles and his profile... But once we're authenticated using the Client Application Services there should be a way to get that authentication cookie attached to my service clients when calling back to the same server.
据同事解决方案添加的wsHttpBinding终点,但我希望我能解决这个让输入...
According to input from colleagues the solution is adding a wsHttpBinding end-point, but I'm hoping I can get around that...
推荐答案
我终于找到了一种方法,使这项工作。为了验证我使用了 WCF身份验证服务。当验证服务将尝试设置身份验证Cookie。我需要得到这个cookie出的响应,并把它添加到由其他网络服务在同一台机器上的任何其他要求。在code要做到这一点是这样的:
I finally found a way to make this work. For authentication I'm using the "WCF Authentication Service". When authenticating the service will try to set an authentication cookie. I need to get this cookie out of the response, and add it to any other request made to other web services on the same machine. The code to do that looks like this:
var authService = new AuthService.AuthenticationServiceClient();
var diveService = new DiveLogService.DiveLogServiceClient();
string cookieHeader = "";
using (OperationContextScope scope = new OperationContextScope(authService.InnerChannel))
{
HttpRequestMessageProperty requestProperty = new HttpRequestMessageProperty();
OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = requestProperty;
bool isGood = authService.Login("jonas", "jonas", string.Empty, true);
MessageProperties properties = OperationContext.Current.IncomingMessageProperties;
HttpResponseMessageProperty responseProperty = (HttpResponseMessageProperty)properties[HttpResponseMessageProperty.Name];
cookieHeader = responseProperty.Headers[HttpResponseHeader.SetCookie];
}
using (OperationContextScope scope = new OperationContextScope(diveService.InnerChannel))
{
HttpRequestMessageProperty httpRequest = new HttpRequestMessageProperty();
OperationContext.Current.OutgoingMessageProperties.Add(HttpRequestMessageProperty.Name, httpRequest);
httpRequest.Headers.Add(HttpRequestHeader.Cookie, cookieHeader);
var res = diveService.GetDives();
}
正如你可以看到我有两个客户端提供服务,一是FO的认证服务,以及一个用于服务实际上,我使用。第一座将调用登录方法,并获取身份验证Cookie了反应。第二块将调用GetDives的服务方法之前,头添加到请求。
As you can see I have two service clients, one fo the authentication service, and one for the service I'm actually going to use. The first block will call the Login method, and grab the authentication cookie out of the response. The second block will add the header to the request before calling the "GetDives" service method.
我不开心与此code在所有的,我认为一个更好的选择可能是使用Web引用中的服务引用代替,并使用.NET 2.0堆栈来代替。
I'm not happy with this code at all, and I think a better alternative might be to use "Web Reference" in stead of "Service Reference" and use the .NET 2.0 stack instead.
这篇关于WCF,ASP.NET成员资格提供验证服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
