1

I'm writing an admin panel in ASP.NET for an existing set of web service calls. My goal is to use some of the existing login stuff (locking out pages if your not logged in) etc but using my login mechanism. This works by hitting an http post request with a username and password, if you're good you get a session id back, if not you get a 401. Here is the WCF for that:

        [WebInvoke(UriTemplate = "/Login/", Method = "POST")]
        public String Login(User user)
        {     
            // If we are good return sessiond id
            // Otherwise throw 401 etc

So to get this working in ASP.Net what is needed?

I think this:

  • Implement a user that overrides MembershipUser and has a session id in it.
  • Implement a membership provider that overrides MembershipProvider and does all the WCF calls etc.
  • In the Web.Config set up a custom membership provider.

Is this correct or am I missing something major?

Improve this question

1 Answer 1

Reset to default
1

Rather than do this yourself, you might want to take a look at the WCF Authentication Services.

Before you go down this route, be aware that the authentication services supports login and logout, but that is about it. The usual Membership methods such as CreateUser aren't available. If you need them, you'll need to create three projects:

  1. A WCF Service Application with a single service called WCFMembershipService that wraps the core Membership Provider requirements, i.e. calling Membership.Provider.Method(). Configure the standard SQLMembershipProvider in the web.config, and
  2. A custom membership provider to be used in the ASP.NET application that calls your WCF service from step 1, and
  3. An ASP.NET Application with the custom membership provider configured

You will find that the Membership and Role providers are extremely easy, but the Profile provider is more challenging, because you cannot serialize the default properties that the provider requires, such as SettingsPropertyValueCollection.

In this case, you would need to convert the SettingsPropertyValueCollection into a serializable type first, and then reconstruct it at the other end. Probably a Dictionary<string, string>() would suffice.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.