R – ASP.NET, SilverLight, WCF & Forms Authentication – How to configure endpoints

asp.net-3.5, forms-authentication, silverlight, wcf

I have this existing environment:

1) ASP.NET 3.5 web application

2) forms authentication with the SqlMembershipProvider

I need to add the following:

1) a Silverlight charting object embedded in a web page.

2) a WCF service to be consumed by:

 a) the Silverlight component embedded in an authenticated web page, as mentioned above

 b) server-based WCF clients with certificate based authentication

My question is – what is the easiest/best way to configure the WCF endpoints for the Silverlight object to authenticate to the WCF service using the security context of the already logged-in user (via the page that’s hosting the Silverlight object) without having to use the user's username/password again?

I've researched a lot of the MSDN and Patterns & Practices material and I thought I had a decent grasp of many of the potential authentication scenarios. But I can't seem to figure out a way to tie them together for the scenario I've outlined. I've found other people posting similar questions to mine but none of the answers I've read seem to fully answer their questions either. (Maybe I'm making this harder than it needs to be?)

I would think that the solution would be to somehow use the authentication token/cookie generated in the asp.net form login and somehow pass that to the Silverlight object which then includes it in the WCF request. But I don't see how to configure the WCF endpoint to use that token.

(In some of my other projects I've implemented the server-to-server scenario in 2.b above using certificate-based authentication, so I'm not too worried about adding that to the current mix I've outlined.)

Thanks in advance for any insight or pointers to the path forward.

Terry

Best Answer

Thanks codemeit for trying to help but I finally figured out what I was doing wrong - it was pilot error.

In trying to configure the endpoints for my Silverlight app I was testing with an asp.net page. I finally realized that when I test that way, the client endpoint is no longer originating from the authenticated browser - the client endpoint is the IIS server which in turn executes the request against the WCF server endpoint. So the security context changes and HttpContext.Current.User.Identity is always empty at the WCF server endpoint.

Once I got my test SL app running in the browser, it automatically inherited the security context of the authenticated browser and then HttpContext.Current.User.Identity was correct and authenticated at the WCF server endpoint.
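The server side of the behaviour described in the answer, as an added example that is not code from the original post: a WCF service that reads the forms-authentication identity from `HttpContext` and fails closed when the caller is anonymous, which is what happens when the call originates from server-side page code instead of the authenticated browser. It assumes the service is hosted in the same ASP.NET application as the login page, so the browser sends the forms-auth cookie, and that ASP.NET compatibility mode is enabled; `IChartDataService`, `ChartDataService` and `GetCallerName` are hypothetical names.

```csharp
using System.ServiceModel;
using System.ServiceModel.Activation;
using System.Web;

// Assumed web.config setting for the hosting application:
//   <system.serviceModel>
//     <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
//   </system.serviceModel>
// Without ASP.NET compatibility mode, HttpContext.Current is null inside
// WCF operations and the forms-auth identity is never visible to the service.

[ServiceContract]
public interface IChartDataService            // hypothetical contract
{
    [OperationContract]
    string GetCallerName();
}

// Required: the service refuses to activate unless compatibility mode is on,
// so a misconfigured host fails at startup rather than serving anonymous calls.
[AspNetCompatibilityRequirements(
    RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class ChartDataService : IChartDataService
{
    public string GetCallerName()
    {
        return RequireAuthenticatedUser();
    }

    // Returns the forms-auth user name, or faults if the request did not
    // carry a valid authentication cookie (for example a call made from
    // server-side page code rather than from the authenticated browser).
    private static string RequireAuthenticatedUser()
    {
        HttpContext ctx = HttpContext.Current;
        if (ctx == null || ctx.User == null || ctx.User.Identity == null
            || !ctx.User.Identity.IsAuthenticated)
        {
            throw new FaultException("Caller is not authenticated.");
        }
        return ctx.User.Identity.Name;
    }
}
```

Calling `RequireAuthenticatedUser()` at the top of every operation keeps an unauthenticated request from reaching data access code, whichever client produced it.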
