Reputation: 7708
Authenticating a mobile app against a WCF service?
We are working with a vendor to develop a mobile app and plan on using WCF services to handle operations. What are some types of authentication I can use with a WCF service? Would we send a user name and password through the SOAP header? How can we accomplish this securely?
Also, this will be authenticated against our .NET membership database using the Membership classes. Thoughts? Thanks.
Upvotes: 2
Views: 698
Answers (1)
Reputation: 39836
What O/S is the mobile device running? It seems to me that the mobile device can use Windows Authentication if the mobile app is written using a framework (such as the .NET compact framework) to authenticate, just like you would with a web application. Set up the connection to use SSL and you're golden.
Another means could be to write a challenge/response system similar to Windows Authentication - but this seems like overkill unless the mobile app is on an operating system that doesn't support Windows Auth.
If you're at all familiar with the ASP.NET MembershipProvider/RoleProvider/MembershipUser model, it's fairly easy to use once you get past the limitations their model incurs.
Upvotes: 1
Related Questions
- Accessing WCF service from mobile client with user idenity
- Authentication for Android app connecting to a WCF service (on-prem environment)
- How to do Authentication between a webservice and a mobile phone?
- User Authentication
- WCF Services with Windows Authentication and Varied Clients
- membership, wcf authentication service, mobile app (iOS, Android)
- Authenticate Android client on WCF Webapi site?
- User authentication for mobile clients in RESTful WCF 4 service
- Securing WCF Service Calls and establishing session from non-Windows Mobile Client. (e.g. iPhone)
- How to authenticate a Windows Mobile client calling web services in a Web App