locked
Forms Authenticated Website Hosting WCF - Username problem RRS feed

  • Question

  • I'm creating a Silverlight enabled WCF services in a 3.5 website so the ASPnet compatibility settings in the web.config and service class are done. The website is Forms Authenticated but I remove authentication for the svc file so I can create a service reference. I login to the site with the following code:

     

          if (Membership.ValidateUser("username", "passwrod"))
          {
            FormsAuthentication.SetAuthCookie("username", false);
    
            FormsAuthentication.RedirectFromLoginPage("username", false);
          }

     

     It logs in and I can see the username in the httpcontext in the asp.net page but it is empty in the wcf code

      [ServiceContract(Namespace = "")]
      [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
      public class Test
      {
        [OperationContract]
        public void DoWork()
        {
          var i = HttpContext.Current.User.Identity.Name;
          return;
        }
    
        // Add more operations here and mark them with [OperationContract]
      }

    I've been reading up on this and I was under the impression this would work. Any idea where I am going wrong?

    Regards, Chris.

     

     

     

     

     

     

     


    Chris
    Monday, May 23, 2011 7:42 PM

Answers

  • Hello, are you using browser HTTP stack or client HTTP stack? If you use browser HTTP stack, cookies are handled automatically and you don't need to do anything. But if you use client HTTP stack, the Silverlight application doesn't share cookie with the browser, and cookies must be handled manually. Usually when working with Silverlight applications, you use an authentication service to authenticate the client, instead of using a web page. And for each WCF service reference, you add the httpCookieContainer behavior to it, and use the same cookie container. This ensures all services will share the same cookies.
    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    Windows Azure Technical Forum Support Team Blog
    • Marked as answer by Yi-Lun Luo Monday, May 30, 2011 9:23 AM
    Wednesday, May 25, 2011 1:32 AM

All replies

  • Hi Chris,

    If I remember correctly, Silverlight does not automatically send cookies when you call a WCF service. Since authentication session id is stored in a cookie, you have to tell Silverlight to send the cookie when calling a WCF service.

    Go to your serviceReference.clientConfig file, and in the binding configuration, set the enableHttpCookieContainer attribute to true.

    You can use Fiddler or any other HTTP sniffer to validate that the request is being sent with the authentication cookie.

    BTW, you should know there is a problem using Silverlight + WCF + ASP.NET Sessions, because WCF can only handle a single service request from a client at once, due to an ASP.NET problem.

    Check this blog post for more information:

    http://blogs.microsoft.co.il/blogs/idof/archive/2010/09/27/asp-net-compatible-wcf-services-concurrency-problem.aspx

     


    Please mark posts as answers/helpful if it answers your question. Senior Consultant on WCF, ASP.NET, Siverlight, and Entity Framework. Author of Microsoft's Official WCF 4 Course. Co-author of the Microsoft HPC/Azure burst whitepaper.
    Monday, May 23, 2011 8:50 PM
  • Hi Chris,

    here is a config snippet, which might be helpul:

     <services>
          <service behaviorConfiguration="MyBehavior" name="MyService">
            <endpoint address=http://localhost/MyService
              binding="wsHttpBinding" bindingConfiguration="MyBinding"
              contract="IMyService" />
          </service>
        </services>

     <behaviors>
          <serviceBehaviors>
            <behavior name="MyBehavior">
              <serviceCredentials>
                <userNameAuthentication
                  userNamePasswordValidationMode="MembershipProvider"
                  membershipProviderName="SqlMembershipProvider" />
              </serviceCredentials>
            </behavior>
              </serviceBehaviors>
        </behaviors>

        <bindings>
          <wsHttpBinding>
            <binding name="MyBinding">
              <security mode="Message">
                <message clientCredentialType="UserName" />
              </security>
            </binding>
          </wsHttpBinding>
        </bindings>
      </system.serviceModel>
    </configuration>

    More details on this: http://msdn.microsoft.com/en-us/library/ms731049.aspx

     

    Hope this helps.

    Damir

     


    Damir Dobric
    developers.de
    daenet.de
    daenet.eu
    daenet.com
    Monday, May 23, 2011 8:58 PM
  • Damir/Ido both your posts look use but:

     

    Damir

    I want the wcf to be useable by Silverlight - I thought Silverlight doesn't support WSBinding

    My goal is is to have a website using FBA with traditional ASP.net but also have Silverlight which grabs the identity established with FBA when calling WCF. So I don't want to ask for the username and password to be asked by the Silverlight application but rather the website and have that "flow" into WCF.

     

    Ido

    Currently I am having this problem in my ASP.net pages calling WCF - I haven't got as far as Silverlight yet!

    Any further thoughts would be great.

    Regards, Chris.


    Chris
    Monday, May 23, 2011 9:37 PM
  • Did yoy try the configuration provided above? It should not require you to authenticate once again.
    Damir Dobric
    developers.de
    daenet.de
    daenet.eu
    daenet.com
    Monday, May 23, 2011 9:40 PM
  • Thanks for quick reply. I'm just looking at it now. I thought Silverlight doesn't support WSHttpBinding. Also my login is with a webform I want the Silverlight to call WCF and for the WCF to know the current identity.
    Chris
    Monday, May 23, 2011 9:50 PM
  • HTTPS: ? I was trying to use WCF with forms auth and couldn't get to to work without HTTPS:

    Monday, May 23, 2011 11:00 PM
  • Could it be hosting the WCF in IIS and calling it from asp.net rather than Silverlight? I saw a post from a guy who had a  similar problem and it was to do with the WCF executing in the context of IIS but when he added his Silverlight it worked as that was executing in the context of the browser. I'm off to be bed now I'll have to look at it tomorrow.....
    Chris
    Monday, May 23, 2011 11:16 PM
  • Here's the post - is this worth exploring?

     

    "In trying to configure the endpoints for my Silverlight app I was testing with an asp.net page. I finally realized that when I test that way, the client endpoint is no longer originating from the authenticated browser - the client endpoint is the IIS server which in turn executes the request against the WCF server endpoint. So the security context changes and HttpContext.Current.User.Identity is always empty at the WCF server endpoint.

    Once I got my test SL app running in the browser, it automatically inherited the security context of the authenticated browser and then HttpContext.Current.User.Identity was correct and authenticated at the WCF server endpoint."


    Chris
    Monday, May 23, 2011 11:19 PM
  • Hello, are you using browser HTTP stack or client HTTP stack? If you use browser HTTP stack, cookies are handled automatically and you don't need to do anything. But if you use client HTTP stack, the Silverlight application doesn't share cookie with the browser, and cookies must be handled manually. Usually when working with Silverlight applications, you use an authentication service to authenticate the client, instead of using a web page. And for each WCF service reference, you add the httpCookieContainer behavior to it, and use the same cookie container. This ensures all services will share the same cookies.
    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    Windows Azure Technical Forum Support Team Blog
    • Marked as answer by Yi-Lun Luo Monday, May 30, 2011 9:23 AM
    Wednesday, May 25, 2011 1:32 AM