locked
Designing an Authentication Service RRS feed

  • Question

  • Hello,

    I'm designing an authentication service that should be fairly extensible because we're going to reuse it and I'm not quite sure how to keep the interface clean yet allowing support for indefinite amount of errors and stages of the authentication the user might have to go through which might vary from project to project.

    Here is the interface I have.

    [ContractClass(typeof(IAuthenticationServiceContract))]
    	public interface IAuthenticationService
    	{
    		IAuthenticationConfiguration Configuration { get; }
    
    		bool SignIn(string username, string password);
    
    		void SignOut();
    	}

    And here is something I thought of doing.

    [ContractClass(typeof(IAuthenticationServiceContract))]
    	public interface IAuthenticationService
    	{
    		IAuthenticationConfiguration Configuration { get; }
    
    		// IAuthenticationStateCollection States { get; }
    
    		bool SignIn(string username, string password);
    
    		void SignOut();
    	}

    Each state is described using a key, value and a type but I'm not sure that it's the best way to go with, has anyone done something similar that should handle an indefinite amount of states ? how did you solve it ?


    Eyal (http://shilony.net), Regards.



    • Edited by Eyal Solnik Wednesday, March 7, 2012 2:49 AM
    • Moved by Lie You Monday, March 12, 2012 5:44 AM Move it for better support. (From:Visual C# General)
    Wednesday, March 7, 2012 2:45 AM

Answers

All replies

  • I presume you are using WCF for it.

    I suggest you go through ASP.NET Authentication Service exposing using WCF.

    (it is having the ValidateUser() method - so no reinventing the wheels :))

    The Authentication Service is extensible and you can use a custom database for user/pwd validations.

    You can find a good article here.

    http://msdn.microsoft.com/en-us/library/ff406125.aspx



    Resolving n Evolving in C# (http://jeanpaulva.com)

    Wednesday, March 7, 2012 8:01 AM
  • Hey,

    I should have said that it's not a WCF service. ;)

    Well, to be honest I didn't even think about doing that in WCF because I'll have to introduce new codebase to adapt everything so it's out of the question, at least for the moment, thank you for suggesting it though.

    I don't want to use the existing MembershipProvider because there's a lot of noise there and I really don't like the design of this, not sure why they made it so rigid, more specifically I am talking about the User class, it's possible to extend it but there's so many details that are likely to change, I can probably wrap it up but it's not something I want to do so I prefer to roll my own.

    Hopefully it makes sense. ;)


    Eyal (http://shilony.net), Regards.



    • Edited by Eyal Solnik Wednesday, March 7, 2012 12:24 PM
    Wednesday, March 7, 2012 9:54 AM
  • Can a moderator move it to the "Architecture General" forum ?

    I posted it here because there's no much movement in this forum even though it's more appropriate, sorry. ;)


    Eyal (http://shilony.net), Regards.

    Wednesday, March 7, 2012 6:28 PM
  • I would help you to move it there. Sorry for the late response.

    Thanks for your understanding and support.


    Best Regards,
    Rocky Yue[MSFT]
    MSDN Community Support | Feedback to us

    Monday, March 12, 2012 5:43 AM
  • This thread is no longer relevant to my case.

    Eyal (http://shilony.net), Regards.


    • Edited by Eyal Solnik Thursday, April 26, 2012 3:59 AM
    • Marked as answer by Eyal Solnik Thursday, April 26, 2012 3:59 AM
    Thursday, April 26, 2012 3:58 AM