janna574
0 Points
6 Posts
WCF and asp.net Form Authentication
Apr 04, 2012 03:27 PM
I have an ASP.NET website and a WCF service; I call it from my site.
Now I have logged in from the ASP.NET site, and in my WCF service I have the [PrincipalPermission(SecurityAction.Demand,Role="admin")] attribute,
but I cannot share my login ticket between my ASP.NET website and the WCF service.
BTW, the WCF service is wsDualHttpBinding.
mm10
Contributor
6455 Points
1187 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 03:58 PM
You need to configure your service to use ASP.NET roles for authorization. You do this by setting the principalPermissionMode to UseAspNetRoles in the service behaviour configuration:
<behaviors>
  <serviceBehaviors>
    <behavior name="ServiceBehaviour">
      <serviceAuthorization principalPermissionMode="UseAspNetRoles"
                            roleProviderName="YourRoleProvider" />
    </behavior>
  </serviceBehaviors>
</behaviors>
You also need to specify your role provider; use the same provider as you do in your web application.
janna574
0 Points
6 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:04 PM
I did it, and then I logged in on the ASP.NET website, and when I called the WCF service I got the exception
"Request for principal permission failed."
mm10
Contributor
6455 Points
1187 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:23 PM
Specify usernameAuthentication as authorization and username as clientCredentialType for the binding:
<behaviors>
  <serviceBehaviors>
    <behavior name="ServiceBehaviour">
      <serviceAuthorization principalPermissionMode="UseAspNetRoles"
                            roleProviderName="YourRoleProvider" />
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
                                membershipProviderName="YourMembershipProvider" />
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>
<bindings>
  <wsDualHttpBinding>
    <binding>
      <security mode="Message">
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </wsDualHttpBinding>
</bindings>
janna574
0 Points
6 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:28 PM
Same exception!!!
Can you make an example of a website and wsDualHttpBinding?
mm10
Contributor
6455 Points
1187 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:30 PM
Why are you using the wsDualHttpBinding instead of the wsHttpBinding?
How do you call your WCF service from the web application?
janna574
0 Points
6 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:31 PM
It is a chat application; I think wsDualHttpBinding is better.
mm10
Contributor
6455 Points
1187 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:40 PM
To make it work you somehow need to pass the credentials (username and password) to the WCF service. I guess you don't have the passwords in plain text?
An easier way of authorizing the user in your service would be to get HttpContext.Current.User from inside your service methods.
janna574
0 Points
6 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:47 PM
Thanks for your help.
Can you explain it with an example?
mm10
Contributor
6455 Points
1187 Posts
Re: WCF and asp.net Form Authentication
Apr 04, 2012 04:54 PM
using System;
using System.Web;

public class MathService : IMathService
{
    public MathService()
    {
        // Copy the ASP.NET user onto the thread that constructs the service.
        System.Threading.Thread.CurrentPrincipal = HttpContext.Current.User;
    }

    public MathResponse Add(MathRequest request)
    {
        // Reject callers that are not in the required role.
        System.Security.Principal.IPrincipal principal = System.Threading.Thread.CurrentPrincipal;
        if (!principal.IsInRole("Role"))
            throw new UnauthorizedAccessException();

        int result = 0;
        foreach (int number in request.Numbers)
            result += number;
        return new MathResponse { Value = result };
    }
}
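
An added example, not part of the original thread or any poster's code: a fail-closed form of the HttpContext.Current.User check from the last reply, resolving the caller on every call instead of in the constructor. It assumes the service is hosted in IIS in the same ASP.NET application with `<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />` set, and that the forms authentication cookie accompanies the call; the MathRequest/MathResponse shapes and the DemandRole helper are hypothetical.

```csharp
// Added example (not from the thread). Assumes ASP.NET compatibility mode is
// enabled in web.config and the forms authentication cookie reaches the service.
using System.Linq;
using System.Security.Principal;
using System.ServiceModel;
using System.ServiceModel.Activation;
using System.ServiceModel.Security;
using System.Web;

[ServiceContract]
public interface IMathService
{
    [OperationContract]
    MathResponse Add(MathRequest request);
}

// Minimal stand-ins for the thread's request/response types (assumed shape).
public class MathRequest { public int[] Numbers { get; set; } }
public class MathResponse { public int Value { get; set; } }

// Required: service activation fails when compatibility mode is off, rather
// than the service running with HttpContext.Current == null.
[AspNetCompatibilityRequirements(
    RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class MathService : IMathService
{
    private const string RequiredRole = "admin"; // role name from the question

    // Hypothetical helper: resolve the caller per call and deny by default.
    private static IPrincipal DemandRole(string role)
    {
        HttpContext context = HttpContext.Current;
        IPrincipal user = context == null ? null : context.User;

        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            throw new SecurityAccessDeniedException("Caller is not authenticated.");
        if (!user.IsInRole(role))
            throw new SecurityAccessDeniedException("Caller lacks the required role.");
        return user;
    }

    public MathResponse Add(MathRequest request)
    {
        DemandRole(RequiredRole); // authorize before doing any work
        return new MathResponse { Value = request.Numbers.Sum() };
    }
}
```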