Reputation: 185
WCF how to pass token for authentication?
I have a WCF service which would like to support basicHttpBinding and webHttpBinding. When the client successfully login, server will generate a token for client to pass to server on all the request make later. Question is how the client can pass the token to server? I don't want to add an extra parameter on every web method to hold the token.
Upvotes: 16
Views: 14423
Answers (1)
Reputation: 754220
Typically, the best way to do something like this is passing such "meta-information" in a WCF header. You can easily create a message inspector to extend WCF (it's really not that scary and hard to do!) which would inject the token into every outgoing request from the client, and retrieve it from the header and validate it on the server side.
There are a number of pretty good blog post out there showing you how to create a message inspector:
- Richard Hallgren's WCF postings
- Writing a WCF message inspector
- Automatic Culture Flowing with WCF by using Custom Behaviour
Check out the two relevant interfaces to implement:
- IClientMessageInspector on the client side, which has a
BeforeSendRequestandAfterReceiveReplymessage to implement - IDispatchMessageInspector on the server side, which has a
AfterReceiveRequestandBeforeSendReplymethod to implement
Upvotes: 20
Related Questions
- WCF Rest Token based authentication
- How to Include a Security Token to the SOAP Request?
- WCF: The request for security token could not be satisfied because authentication failed
- Passing a token to WCF service
- WCF how to send username token to WCF service
- Pass security token WCF
- How to implement a Security token in a WCF soap response?
- WCF custom authentication - Token
- Token management in WCf
- WCF - Custom Credentials & Security Tokens