0

We are starting with a new application build with Asp.net. It should connect to a webservice which is already available to retrieve data to present to the user. We've created a repository which communicates with the webservice.

The webservice needs authorization with the same user credentials which the user uses to logon to the web application. The user is authorized with Forms Authentication with cookie support.

The problem is that we cannot retrieve the password from the user on new requests when the user is once authorized and automatically logged on. This password is needed to logon to the webservice from the repository classes.

Any ideas on how to implement this the best and safest way ?

Improve this question
2
  • Have you seen this question? stackoverflow.com/questions/488676/… Commented Jul 3, 2012 at 15:47
  • 1
    It is ALWAYS the wrong answer if you need to retrieve the users password. No solution should require that a users password be retained, only password hashes. Commented Jul 3, 2012 at 16:42

1 Answer 1

Reset to default
0

You can try using Client Application Services to get and set the cookie. Or you can manually get and set the cookie using the sample code on this post. The example shows both methods and is geared specifically to passing a forms authentication cookie from an MVC application to an OData WCF feed:

http://blogs.msdn.com/b/astoriateam/archive/2010/07/21/odata-and-authentication-part-7-forms-authentication.aspx

Also, here is a similar example that is trimmed down in scope:

http://www.codeproject.com/Articles/190806/Send-Cookies-When-Making-WCF-Service-Calls

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.