MSDN Architecture Center > Architecture Forums > Architecture General > ASP.NET Authentication and Authorization Via WCF

ASP.NET Authentication and Authorization Via WCF

Thursday, December 10, 2009 9:04 AM

1

Sign In to Vote
Hi,

We are in the process of building a distributed application using ASP.NET and WCF. We think, we have two ways of doing authentication and authorization for web site.

1. Create custom membership Provider and expose all the operations as wcf services, at client side call the appropriate methods to authenticate, create the principal object and cache it

2. Create the custom membership provider and expose the services which can return a custom principle object ( fully loaded with identiy and roles), and at client side, directly receive the principal object.

In option2 , we have the provision to support multiple sources and can be used to multiple applications.

I would like to understand which is efficient and correct and what is the best way people are following in the industry.

Thanks

Hari
Harinatha
- Moved by Esther FanMicrosoft Employee, Moderator Saturday, September 11, 2010 3:51 AM (From:The Architect Role)
- Reply
- Quote

All Replies

Monday, May 03, 2010 1:32 PM

0

Sign In to Vote

Hari,

What is the client side for you? The ASP.NET server application or the web browser?
Paulo Morgado (http://PauloMorgado.NET/)
- Reply
- Quote
Monday, June 07, 2010 12:31 AM

0

Sign In to Vote

If the client of this remote authorization provider is the ASP.NET (server) application, than all you have to do is implement a membership provider that calls into this remote provider.
Paulo Morgado (http://PauloMorgado.NET/)
- Reply
- Quote

Frequently asked questions - Forums help