Using HMAC-SHA256 Authentication for WCF with HttpModule

Question

User1161013738 posted

Hi,

I'm trying to do HMAC-SHA256 authentication for my WCF webservices.

After much reading about HMAC-SHA on the web, I started to apply them into my project.

Now that I've successfully encrypt the message on the client-side, but how do I go about authenticating the request before the request entering the WebMethods?

I suppose I should add a HttpModule to tap into the Init() event and do validation there?

But as soon as I added the HttpModule to my WCF project and configure the web.config, I'm getting error saying:

An error occurred while receiving the HTTP response to http://localhost:61884/MyService.svc. 
This could be due to the service endpoint binding not using the HTTP protocol. 
This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). 
See server logs for more details.

Am I right about using HttpModule in this context?

Answer 1

User-488622176 posted

Hi,

I'm not familiar with this authentication method. Does this help you : http://msdn.microsoft.com/en-us/library/windowsazure/hh289317.aspx

HTH

Answer 2

User-1662538993 posted

Can you post your config file for service?

Answer 3

User1161013738 posted

I figured that HttpModule doesn't work for self-hosted WCF service which launched from VisualStudio.

After hosting the WCF service within IIS, HttpModule is hitting the breakpoint at BeginRequest() now.

Hopefully this tip helps others in future.