Reputation: 2475
WCF Services with Windows Authentication and Varied Clients
I am beginning a project that will have three layers to it: a web front-end, a mobile front-end and WCF back-end. Authentication needs to be done via Active Directory, but both web front-ends will be using forms authentication to grant/reject access to certain areas, and all user control will be handled via groups inside AD. This specifically applies in the WCF side where I would like to be able to utilize the built-in Permission.Demand() functionality.
I have two questions with this. First, does anyone know of any best practice examples for doing this? Specifically in regards to passing the credentials (without the password) to the WCF service so it knows the context under which it is being accessed. Secondly, the future includes creating an Android app (and probably iPhone/Windows Phone versions as well) so I need to make sure the method used will work cross-platform with those.
Upvotes: 0
Views: 306
Answers (1)
Reputation: 1669
set the PrincipalPermissionMode to Custom, write a custom Authorization Policy (http://msdn.microsoft.com/en-us/library/ms729794.aspx) and in the implementation of the Evaluate method do the following:
evaluationContext.Properties["Principal"]=HttpContext.Current.User;
http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/8f424d4f-2f47-4f85-a6b0-00f7e58871f1/
Upvotes: 1
Related Questions
- Authentication for Android app connecting to a WCF service (on-prem environment)
- wcf and windows authentication
- How to implement Security/Authentication with WCF and Android. Please Include examples
- Best authentication/security strategy for WCF service with multiple clients
- WCF Service with Active Directory Authentication
- User Authentication
- Need advice on authentication for android client connecting to the WCF Rest setup
- Authenticate Android client on WCF Webapi site?
- WCF/ASP.NET Authentication
- Authenticating a mobile app against a WCF service?