2
votes

I am using a WCF authentication service I set up with a web application. I have successfully set up and tested the AuthenticationService and RolesService. The web application can successfully call methods like ValidateUser and GetRolesForCurrentUser through the WCF services.

I want to integrate the WCF authentication service with my web.config and site.map. Do I need to write a custom provider, or is there some way I can modify the web.config of the web application to use the WCF authentication service as its membership provider?

This way I can set what roles have access to what directories based off the WCF authentication service.

2
I'm assuming you mean Windows Communication Foundation and not the old Windows Foundation Classes (which have nothing to do with ASP.NET).Aaronaught

2 Answers

2
votes

Application Services are not intended as a replacement for the provider stack.

They are meant to augment and enable usage from context other than .aspx.

In most cases you may simply use the default provider stack (Membership/Roles/Profiles).

You simply need to pass the cookies that you get when you call 'Login' via app services around in the context of the service call.

See here for some more information about adding cookies to a WCF call.

If you are using AJAX to call the services, you don't have to do anything, simply authenticate via ajax and then call via ajax.

1
votes

Skys answer doesn't seem to answer the question?

It seems to me that there is a genuine need to call the WCF AuthenticationService from an ASP.NET application?

Consider a three tier application where all database access is mandated to be performed by the application tier. There is a single database (data tier) containing business data as well as membership data.

I have written a three tier implementation whereby a custom MembershipProvider on the presentation tier invokes the AuthenticationService on the application tier which in turn runs my custom authentication routine. I could quite easily create a custom WCF service (eg not AutheticationService) which does this authentication but I try to use .NET objects where possible. it would be nice if I could tell ASP.NET to use the AutheticationService without needing a custom membership provider but I dont think this is possible?