How To Set WCF Security When Calling WCF From A Web Applicaion That Shares Same Membership With WCF Service
Dec 12, 2010
I have an ASP.NET web application and a WCF Application that share the same ASP.NET membership database.
They are both sharing the same ASP.NET membership database.
It is basically like:
WCF: is [URL]
ASP.NET: is [URL]
(both are two virtual folders in the same web application and both are using the same ASP.NET membership database).
The user logs on to the ASP.NET application and can then decide to call the WCF service.
What are my options for setting the security for the call between the ASP.NET and the WCF service that make the call using the credentials supplied by the user when logging to the ASP.NET application?
I'm developing a web application using EF4, POCO's, WCF Data Services and the presentation tier (HTML, CSS, JavaScript, Ajax - NO WebForms). For security I would like using ASP.NET Membership Provider (Authentication Service): from a *.htm file calling the AuthenticationService. I executed aspnet_regsql.exe (to create the necessary database tables) and modified my web.config file:
I am writing two ASP.NET apps. One is a web service that provides xml data and the other is a web client that will use the service to display and manipulate data. I would like for the web service to do the membership authentication and authorization. Is there any way to simply point the login controls in my client application to the web service instead of to a database. I assume I would have to provide the necesarry methods in my web service interface, which would then use the membership provider database I created and pass the results back through to the client.
Is this possible? I have seen many articles on security provisioin from a web service but none has really been what I am looking for. I was hoping that, since my service and my client are both written in ASP.NET, there might be some built functionality that would benefit me.
I have a web application that uses a SQL database which contains all the standard asp membership tables.Within my Web application I use the standard asp.net membersip logic for adding new users, roles, etc...The point here is I dont use any custom providers for anything.Now on that same machine that is hosting my web application I am writing a Windows service in c# .net.As part of one of the method calls to the windows service application I was curious if I would be able to use any type of membership classes that would connect to my existing database and perform the same functionality as does the ASP.NET membership classes.
I have wcf web service, I works fine on my local machine,but when I move it to live then it throws following error
System.Security.SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
Can I use the membership provider api on a hosted service? I can create mssql databases but have no control over iis. Will I be able to use the membership admin webpage on the hosted service?
Am I correct in stating that the api uses ASPNETDB.MDF in the app_data folder as it's database?
I have the following scenario. An user uses the desktop application to call our WCF Service which has windows authentication. The WCF Service calls the Office Communication Server (OCS) in order to do some custom work.
When the WCF Service calls OCS we have to pass an instance of NetWorkCredential into the call. I want to pass in the original calling users NetworkCredential object into the OCS call rather than constructing it using a custom username and password. How do I get access to the calling users NetworkCredential object from the WCF service and pass it to the OCS call?
In IIS I have a virtual directory with only windows authentication enabled. From Javascript I call into a ASMX webservice. From the ASMX webservice I make a call to the SharePoint Search.asmx Webservice. whatever I try I keep getting the followin gerror message:
"The request failed with HTTP status 401: Unauthorized"
I use the following code to call the SharePoint webservice
[Code]....
My web.config settings are:
[Code]....
The Sharepoint farm is configured to use NTLM authentication.
Strangely everything works when I am testing in Visual Studio using the builtin webservice, but when I deply to my local IIS or Test Server it breaks.
I've set up a system with forms based authentication and using the asp:Login control. When I put in an invalid password I get the approriate invalid password message. However when I put in a valid password, it does nothing...just returns to the login page again. I'm triple checked the login info. There is no error message, and the invalid attempts counter doesn't increment. When I put a break point in the Login_LoggedIn event of the Login form, it hits it, but User.Identity.IsAuthenticated is false. I'm not 100% sure it should be true at this point, as I'm pretty new to .NET but it seems kind of odd.
My user database is stored in a sqlserver 2005 db that already existed. I've added a new connection for it.In the authorization I have
I had created a Membership ASP.NET 3.5 website and selected the Forms authentication. Therefore, I created several users with related information into the ASPNETDB database. Yesterday, I changed the website security to Windows authentication.
This morning, when reviewing the ASPNETDB data for another website, I still can see those Membership Forms users and their ApplicationIDs in the aspnet_Users and aspnet_membership tables. How can I delete those Forms users?
Another question: In aspnet_Applications table, I can see the ApplicationName (e.g. /WebPartsDemo) for the Web Parts websites. I have 2 ApplicationIDs in the aspnet_Membership table. I can not see only one ApplicationID in the aspnet_Applications table, but with an empty ApplicationName, i.e. / only.
Do I miss something when creating the Membership website? What is the ApplicationName for the Membership website?
I have a client asp.net website that uses ASP.Net Membership, Roles and Profile providers and Login controls. I need to expand the application so was going to use WCF Workflows, the ASP.Net website will be hosted on a different server than the WCF Services so what I want to do is get the ASP.Net Website to auth via the WCF Service. So process will go:
ASP.Net Website ------------------> WCF Service ------------------> SQL Database (Membership, Roles, Profile, Workflow Persistence Data and Business Data)
I tried creating a custom Membership and Role providers but I have had problems managing the users (Membershipuser class) saying null when a vaild user has been return by the WCF Service as can access the properies but not the methods.
I want to access membership and profile objects and wants to access profile properties that I have defined in my web app web.config file, from a windows service. Anyone have any idea on how to do this?
ERROR MESSAGE:When visiting this URL directly: http://localhost:57667/ExampleService.svc/ProcessRequest
The exception message is 'No component for key example.ExternalWebServiceStubs.Example.ExampleService was found'. Castle.MicroKernel.DefaultKernel.get_Item(String key) at Castle.Facilities.WcfIntegration.WindsorInstanceProvider.GetInstance
I am developing an applicaion for time sheet which uses gridview.
The columns are dynamically generated based upon the start date and end date.Its a biweekly pay period.
Apart from these 15 Day 1 to Day 15 columns there are 5 other columns for different codes which are added to gridview using data table. I have drop down list control for the 5 codes and text boxes for the remaining day 1 to day 15 columns.
Now when the user selects the values from the drop down list and enters the number of hours into the text box using a footer row with a inert link button it should add the values entered to the footer row to the data table data row and then rebind the data table to the data base. I am some how unable to get the values entered by user into the footer following is the code for insert_click event
Protected Sub lnkInsert_Click(ByVal sender As Object, ByVal e As EventArgs) Dim tb As TextBox = GridView1.FooterRow.FindControl("txtctrl6") End Sub Protected Sub lnkInsert_Click(ByVal sender As Object, ByVal e As EventArgs)
I have a webservice project and a web project in the same solution.
The web project implements a membershipprovider.
I want to be able to authenticate user via the webservice project but when i call this method in the webproject: public static bool AuthUser(string userName, string password) { return Membership.ValidateUser(userName, password); }
I get this inner ex."Failed to generate a user instance of SQL Server due to a failure in starting the process for the user instance. The connection will be closed." Calling the method from the webproject works fine. I understand why I get the ex. but not how to solve it.. UPDATE Well I fixed the issue by deleting the C:UsersJRBAppDataLocalMicrosoftMicrosoft SQL Server DataSQLEXPRESS folder.. However now the method always returns false.. It almost seems like it doesn't use the proper connectionstring.
I am new to Silverlight. In Silverlight, we can get data from server using ASP.Net (using WebClient and HTTPWebRequest classes in Silverlight) and using WCF Service.
Assuming that I do not need the cross domain capability, what is a good option in terms of Security and ease of development?
I am in the process of implementing jQuery calling WCF service which is hosted in the same domain. My application uses Win Auth that works fine with ASP.NET app. I would like to know from the team if the user calls the WCF service from the ASP.NET what is the security context in which the service runs? Or it uses the web.config security which is specified? Are there any links related to this where i can get some information.
ASP.NET 4.0, jQuery and WCF 4.0 in same web application
[ServiceContract] public interface IService1 { [OperationContract] string GetData(int value); // TODO: Add your service operations here } public class Service1 : IService1 { public string GetData(int value) { return string.Format("You entered: {0}", value); } }
the following call is working
protected void Button1_Click(object sender, EventArgs e) { ServiceReference1.Service1Client p = new ServiceReference1.Service1Client(); Label1.Text= p.GetData(5); }
but when I am trying to call it from jquery its not working
I am developing application for PDA. The Sql Server compact edition is installed on PDA. The data is stored on PDA's DB as well as the Server Database through wifi.
If the server is available,the data will be stored through web service, If not available ,the data should be inserted when the server is connected to the data.
which is better to transfer data whether the web service or windows service?
If web service means, how could i transfer the data to server database?
I have almost the same problem as you have described in [URL] service. I have a asp.net webservice that calls a WCF service. On my development machine this is working fine. But if i deploy my ASP.net Webservice it is not working. Both the ASP Webservice en WCF service needs my cridentials. How did you solved your problem. In the logging of the WCF service I see that my credentials is not passing to WCF.
there ( my first post in this forum ). i created a web service which searches for user info from a adatabase based on the user id(input). i want to call this service from the bookstore web site i created for my course project but apparently i'm not doing something right. i get an error : [IndexOutOfRangeException: Index was outside the bounds of the array]. So to give you an idea of exactly what i've done so far, here's the code...
The web methods I have created in web service are as follows:
namespace WebService3 { /// <summary> /// Summary description for Service1 /// </summary> [WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] [ToolboxItem(false)] public class Service1 : System.Web.Services.WebService {.........
However when I run the above php code it does not return the added value of the passed parameters. Instead it previews the word 'Arrays' I m not experienced in php programming. Am I doing something wrong the above codes?
I've got a website which contains the profile of users. I am now working on a mobile app and I would like to access the profile details from via the app. My idea is to simply create a webservice which returns the relevant fields (some of which might be password protected). How can I ensure that the web service is being request only by my application and not by anything else (desktop, other app etc..)? Initial idea was to have a secret key embedded in the program which is used to encrypt the data sent over to the web service, but I'm not sure how difficult it would be for someone to find that key since it's on the client side app.