Reputation: 2446
membership, wcf authentication service, mobile app (iOS, Android)
I am working on a project that has an asp.net web application and mobile apps (iOS, Android). I need to come up with a way to provide authentication, authorization and member registration from the various clients. I plan to use ASP.NET membership provider and setup a WCF Authentication Service to use that membership provider.
The thinking is that my web application and the mobile app clients will be able to use this service to authenticate.
Here are some questions though and I would appreciate any guidance: 1) membership provider with asp.net generates a forms authentication cookie which will not work with the mobile apps. Some of things I read suggested returning a authentication token instead in the response. 2) Does the WCF authentication service only provide authentication or can it be used for member registration as well? Basically, need a solution that can be used by mobile clients to allow for users to register.
I am sure others have done this. I am looking for some guidance so I can do this the right way as the documentation and sample I have found seem incomplete.
Thanks in advance.
Upvotes: 3
Views: 1873
Answers (1)
Reputation: 6008
1) membership provider with asp.net generates a forms authentication cookie which will not work with the mobile apps. Some of things I read suggested returning a authentication token instead in the response
Cookie still can be loaded in mobile application. Consider scenario below:
- App sends request to WCF service over HTTP and gets HTTP Response that contains cookie.
- Some custom code collects that cookie and save.
- Application adds cookie to next WCF request to confirm that user is authenticated.
Browser does it for you in web application but mobile app will require some extra coding.
You do not need cookie if you use Authentication only. Method System.Web.ApplicationServices.AuthenticationService.ValidateUser can be used to validate user-name and password.
Although you will need cookie if you want to work with user Roles and Profile.
System.Web.ApplicationServices.AuthenticationService.Login returns cookie.
That cookie should be used when app calls RoleService or ProfileService
See this sample for details: http://msdn.microsoft.com/en-us/library/bb515342(v=vs.100).aspx
2) Does the WCF authentication service only provide authentication or can it be used for member registration as well? Basically, need a solution that can be used by mobile clients to allow for users to register.
Microsoft implementation does only authentication. You need to implement your own service or find third party one for registration.
This is list of methods you can use:
http://msdn.microsoft.com/en-us/library/system.web.applicationservices.authenticationservice_methods
Upvotes: 4
Related Questions
- Accessing WCF service from mobile client with user idenity
- How to consume Wcf rest servcie(Form authentication) from android client
- User Authentication
- WCF Services with Windows Authentication and Varied Clients
- Using WCF authentication service for web application
- User authentication for mobile clients in RESTful WCF 4 service
- Securing WCF Service Calls and establishing session from non-Windows Mobile Client. (e.g. iPhone)
- WCF, ASP.NET Membership Provider and Authentication Service
- Security in windows mobile app and wcf service
- Authenticating a mobile app against a WCF service?