Reputation: 844
WCF Soap webservice and authentication
I am creating a WCF service which uses basicHttpBinding(SOAP). I would like each request to the webservice to require an account name and a key, essentially a username and password. Currently these values are being passed as arguments to each exposed method. Is this the proper way to handle this situation? It seems to violate DRY, and I'm guessing that there is an easier, built in way. I have seen some examples of inserting a username and a password into the headers by intercepting the request but that approach seems to add quite a bit of effort for clients connecting.
Thanks!
Upvotes: 0
Views: 466
Answers (1)
Reputation: 14938
Rather then sending the user name and password ever request, why not have a login method that returns a token, and pass that?
If you want to minimize DRY you can do the following:
First, make a generic class similar to the following that all request contracts inherit from (besides Login and Logout):
[MessageContract]
public abstract class AuthenticatedRequest <T> {
[MessageHeader]
public string Token { get; set;]
}
Now make a private function called private bool IsAuthenticated(string Token) that checks the token. This minimizes the ceremony of checking for authentication.
Upvotes: 1
Related Questions
- Connect with WCF to a WebService authenticated with username/password
- WCF and Authentication
- Web Service with Windows Authentication with Soap Client
- Wcf Basic authentication
- WCF Authentication
- WCF Direct Authentication using BasicHttpBinding
- Consuming WCF Service with BasicHttpBinding and Windows Authentication
- Authentication with basicHttpBinding
- WCF with Http Basic Authentication
- How to authenticate in WCF services in BasicHttpBinding?