locked
WCF Noobe: What's the best pattern I can use for the following scenario? RRS feed

  • Question

  •  

    Hi everyone,

    What is the best pattern I can use for the following scenario:
     
    I have a custom membership provider for an application which requires a user name, a password, and a dbName in order to validate a user. If I want to use a WCF service that utilizes my custom Membership provider I need the client to pass in these three variables as client credentials.
     
    Here is what I've done so far:
     * I first tried to explore the method where one overrides the Validate method of a class derived from UserNamePasswordValidator.
     I could not figure out a way to pass in my third variable DBName along with the UserName and Password.
     * After much exploration, I ended up implementing a custom token and a custom authentication policy using the pattern described in the MSDN WCF sample (http://msdn.microsoft.com/en-us/library/ms752249.aspx)
     This pattern also uses a pretty complicated custom binding:
     
      public static class BindingHelper
      {
          public static Binding CreateMyBinding()
          {
              HttpTransportBindingElement httpTransport = new HttpTransportBindingElement();
      
              SymmetricSecurityBindingElement messageSecurity = new SymmetricSecurityBindingElement();
              messageSecurity.EndpointSupportingTokenParameters.SignedEncrypted.Add(new AuthenticationTokenParameters());
              X509SecurityTokenParameters x509ProtectionParameters = new X509SecurityTokenParameters();
              x509ProtectionParameters.InclusionMode = SecurityTokenInclusionMode.Never;
              messageSecurity.ProtectionTokenParameters = x509ProtectionParameters;
              return new CustomBinding(messageSecurity, httpTransport);
          }
      }
     

    Here is my question: 
     
    Is there a simpler way to accomplish this? I'm looking for a solution that uses the custom membership provider described above that is also platform agnostic as far as the client is concerned.
     

    Thanks very much.



    Thursday, October 30, 2008 8:56 PM