How to set WCF security when Calling WCF from a web applicaion that shares same ASPNET membership with WCF service?

1
votes

NET web application and a WCF Application that share the same ASP.NET membership database. They are both sharing the same ASP.NET membership database.

It is basically like:

WCF: is https://ServerName/Services.svc ASP.NET: is https://ServerName/Default.aspx

(both are two virtual folders in the same web application and both are using the same ASP.NET membership database).

The user logs on to the ASP.NET application and can then decide to call the WCF service.

What are my options for setting the security for the call between the ASP.NET and the WCF service that make the call using the credentials supplied by the user when logging to the ASP.NET application?

2
asp.netwcfasp.net-membershipwcf-security
I assume that the client of your aspx page is a browser, displaying some web page to the user. Please could you tell us what is the client of the WCF service? i.e. clarify what you mean by "The user... can then decide to call the WCF service".Chris Dickson

2 Answers

0
votes

For the fastest implementation (by fastest I mean to get up and running) get Juval Lowy`s ServiceModelEx library from http://www.idesign.net and use his declarative security library.

I have used this library a lot and it works well.

0
votes

If you run you application in ASP.Net Compatibility mode. You will get all the security features available with ASP.Net. Things such as HttpContext.Current.User will point to the logged in user.