locked
selfhosted WCF DataService with custom authentication and authorization RRS feed

  • Question

  • Hello,

    i'm writing a WCF DataService that is hosted in a console application (later a windows service) and i want to implement a custom authentication and a custom authorization and have the transport secured using ssl.

    I found a lot of samples dealing with IIS hosted DataServices, but i couldn't find an example for selfhosted ones.

    What i found is the ServiceAuthenticationManager and the ServiceAuthorizationmanager, i guess that's the rigth direction. But in my cusomt ServiceAuthenticationmanager i have problems accessing the username and password i pass in the message headers.

    Here is my server code:

    class Program
        {
            static void Main(string[] args)
            {
                try
                {
                    WebServiceHost host = new WebServiceHost(typeof(SigiNXDataService), new Uri("http://localhost:9999/SigiNXDataService"));
                    WebHttpBinding binding = new WebHttpBinding();
     
                    host.AddServiceEndpoint(typeof(IRequestHandler), binding, "WebServiceHost");
                    host.Authentication.ServiceAuthenticationManager = new MyAuthentication();
                    host.Authorization.ServiceAuthorizationManager = new MyAuthorization();
                    host.Open();
                    Console.WriteLine("Service running...");
                    Console.Read();
                    host.Close();
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.Message);
                }
            }
        }
     
        public class MyAuthorization : ServiceAuthorizationManager
        {
            protected override bool CheckAccessCore(OperationContext operationContext)
            {
                System.Console.WriteLine("Check...");
                return base.CheckAccessCore(operationContext);
            }
        }
     
        public class MyAuthentication : ServiceAuthenticationManager
        {
            public override System.Collections.ObjectModel.ReadOnlyCollection<IAuthorizationPolicy> Authenticate(ReadOnlyCollection<IAuthorizationPolicy> authPolicy, Uri listenUri, ref Message message)
            {
                //Custom authentication
                return base.Authenticate(authPolicy, listenUri, ref message);
            }
        }

    and the client code:

    public MainWindow()
            {
                InitializeComponent();
                this.DataContext = this;
                siginx = new SigiNxService.SigiNXUnitOfWork(new Uri("http://localhost:9999/SigiNXDataService"));
                siginx.SendingRequest += new EventHandler<System.Data.Services.Client.SendingRequestEventArgs>(siginx_SendingRequest);
            }
     
            void siginx_SendingRequest(object sender, System.Data.Services.Client.SendingRequestEventArgs e)
            {
                e.RequestHeaders.Add("User""gug");
            }

    I hope someone can give me a hint.

    Thanks

    Michael

    Thursday, March 8, 2012 12:38 PM

All replies