473,320 Members | 1,883 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

WCF problem maintaining principal across service calls

M#
Hi everyone,

I'm using WCF authentication services in my current project. I used
the following information as a starting point:
http://msdn.microsoft.com/en-us/library/bb398990.aspx

Unfortunately, I can't manage to get/set the generic principal when I
call other services. The authentication cookie is always null. I've
included some of my Global.asax code below. Any help would be greatly
appreciated:

void Application_Start(object sender, EventArgs e)
{
// Code that runs on application startup
AuthenticationService.Authenticating
+= new EventHandler<AuthenticatingEventArgs>
(AuthenticationService_Authenticating);

/// Customize the cookie returned, adding role
/// and other information.
AuthenticationService.CreatingCookie
+= new EventHandler<CreatingCookieEventArgs>
(AuthenticationService_CreatingCookie);
}

void AuthenticationService_Authenticating(object sender,
AuthenticatingEventArgs e)
{
e.Authenticated = false;

/// Theoretical custom credential that would distinguish
/// duplicate user names for the purpose of ensuring
/// unique authentication MK 04/13/08
int organizationId;

string[] credentials = e.CustomCredential.Split(new char[]
{ ',' });

if (credentials.Length != 0
&& int.TryParse(credentials[0], out organizationId))
{
e.Authenticated =
MembershipManager.ValidateUser(e.UserName,
e.Password,
organizationId);
}

e.AuthenticationIsComplete = true;
}

void AuthenticationService_CreatingCookie(object sender,
CreatingCookieEventArgs e)
{
int organizationId;

if (int.TryParse(e.CustomCredential, out organizationId))
{
string roles = RoleManager.GetRolesForUser(e.UserName,
organizationId);

FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(1,
e.UserName,
DateTime.Now,
DateTime.Now.AddHours(2),
false,
roles,
FormsAuthentication.FormsCookiePath);

string encryptedTicket =
FormsAuthentication.Encrypt(ticket);

HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName,
encryptedTicket);

cookie.Expires = DateTime.Now.AddHours(2);
cookie.Domain = ".localhost";
HttpContext.Current.Response.Cookies.Add(cookie);

e.CookieIsSet = true;
}
}

/// <summary
/// Recreates the Principal on every request, assigning roles
/// and other information from the authentication ticket.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
void Application_AuthenticateRequest(object sender, EventArgs e)
{
HttpCookie ticketCookie
=
Context.Request.Cookies[FormsAuthentication.FormsCookieName];

if (null == ticketCookie)
{
return;
}

try
{
FormsAuthenticationTicket ticket
= FormsAuthentication.Decrypt(ticketCookie.Value);

if (null != ticket)
{
string[] roles =
RoleManager.GetRolesFromString(ticket.UserData);
FormsIdentity identity = new FormsIdentity(ticket);
Context.User = new GenericPrincipal(identity, roles);
}
}
catch (Exception ex)
{
/// TODO: Make to call to exception utility method
}
}
Jun 27 '08 #1
3 2631
M#
Ok, so I'm guessing that I was a little unclear about the above. To
put it more succinctly: I'm trying to use a forms authentication
cookie with my website AND the multiple web services to authenticate
and authorize users. Is this possible, and if so how?

Thanks,
M#
Jun 27 '08 #2
strictly speaking? No. But there is a workaround here that you ought to try
out
http://www.dotnetbips.com/articles/d...d151103b2.aspx

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
The O.W.C. Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $19.99
-------------------------------------------------------
"M#" <mi***********@gmail.comwrote in message
news:ce**********************************@59g2000h sb.googlegroups.com...
Ok, so I'm guessing that I was a little unclear about the above. To
put it more succinctly: I'm trying to use a forms authentication
cookie with my website AND the multiple web services to authenticate
and authorize users. Is this possible, and if so how?

Thanks,
M#
Jun 27 '08 #3
M#
On Jun 7, 10:30 pm, "Alvin Bruney [ASP.NET MVP]" <vapor dan using hot
male spam filterwrote:
strictly speaking? No. But there is a workaround here that you ought to try
outhttp://www.dotnetbips.com/articles/dbd724e9-78f0-4a05-adfb-190d151103...

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
The O.W.C. Black Book, 2nd Edition
Exclusively onwww.lulu.com/owc$19.99
-------------------------------------------------------

"M#" <michauxkel...@gmail.comwrote in message

news:ce**********************************@59g2000h sb.googlegroups.com...
Ok, so I'm guessing that I was a little unclear about the above. To
put it more succinctly: I'm trying to use a forms authentication
cookie with my website AND the multiple web services to authenticate
and authorize users. Is this possible, and if so how?
Thanks,
M#
Thanks for the response. Unfortunately I can't use the .asmx style
services. My requirements are that I use WCF service to authenticate
and authorize the user. The WCF is being hosted in separate
application and server, than the consuming application. When the user
is authenticated I would like to maintain the principal across threads
and subsequent calls to other wcf services. I know that's kinda a
plateful, but do know of any other places I can look to resolve this?

Thanks again,
M#
Jun 27 '08 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Leo Tohill | last post by:
In our IIS application we have C# "behind code" that calls across remoting to a service. In the service, we keep local storage on the thread. From instrumentation, I now realize that hundreds of...
0
by: GnanaPrakash.R | last post by:
Hi All, I would like to trace all remoting calls happen from the client. I got a rough idea of creating custom service and injecting into the object/message chain. Now i want to pass the user...
0
by: Mythran | last post by:
We have a class that Implements IPrincipal (System.Security.Principal.IPrincipal). We have a business logic class library assembly that checks the Principal object for role information to see if...
0
by: Mythran | last post by:
I have a custom Principal (implements System.Security.Principal.IPrincipal interface) that I need to access from a WebService. My web application has the Thread.CurrentPrincipal set to this new...
0
by: google | last post by:
Hi, I use Custom Principal and it works well on my PC (Localhost). When I deploy it at my hosting service it fails. I print out HttpContext.Current.User.GetType().ToString() On my PC it...
1
by: giatorta | last post by:
Hi all, I have a scenario where the client calls Web Service WS1 and WS1 calls Web Service WS2 I have methods M1 on WS1 and M2 on WS2 both with EnabledSession=True assume M1 on WS1 does the...
2
by: ilyas | last post by:
Hi all I have a web service that I have written. It is written in C# I want to use this web service from a browser, but my users all have different browsers so its important that the code to...
3
by: M# | last post by:
Hi everyone, I'm using WCF authentication services in my current project. I used the following information as a starting point: http://msdn.microsoft.com/en-us/library/bb398990.aspx ...
3
by: eschneider | last post by:
Just some common issues with WS: Using custom objects: When objects change, seems you are always fixing some issue. Update references, which sometimes does not work. Deployment: Weird errors...
0
mbmccormick
by: mbmccormick | last post by:
I have a web service in the same project as the rest of my website. I am able to call my web service without any trouble from the Javascript on my page using the Script Manager. Now, I want to have...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.