locked
How to create cookie in wcf rest service? RRS feed

  • Question

  • User-1106622872 posted

    I am using mvc as client, wpf as host

    hosting in wpf:

     var api = new Iservice(); apiHost = new ServiceHost(api); 
    var webHttpBinding = new WebHttpBinding(); 
    var apiEndPoint = apiHost.AddServiceEndpoint(typeof(IService), webHttpBinding, WcfSettings.apiEndpointAddress); 
    apiEndPoint.Behaviors.Add(new WebHttpBehavior { HelpEnabled = true });
     apiHost.Open();

    and wcf rest as service.request is created using HttpWebRequest method and response using HttpWebResponse. below is the code:

    mvc client :

    WebRequest.Create(Instance.ApiEndpointAddress + "Login?userName=" + userName + "&password=" + passWord) as HttpWebRequest var webResponse = request.GetResponse() as HttpWebResponse;

    i could create cookie but its not adding to the response,here is the code

    wcf rest API:

    WebOperationContext.Current.OutgoingResponse.Headers.Add("Set-Cookie: testcookie=" + test value + ";");

    so i created another http cookie in mvc withe value i got from wcf rest service (test cookie's value) like

    continuation from mvc client:

     //re creation of another cookie in mvc 
    foreach (Cookie apicookie in webResponse.Cookies) 
    { 
    //apicookie.value is the cookie value which we got frm wcf rest api  
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket( 1, apicookie.Name, DateTime.Now, DateTime.Now.AddMinutes(15), true, apicookie.Value); 
    string encTicket = FormsAuthentication.Encrypt(authTicket); 
    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket); 
    if (rememberme) { authCookie.Expires = DateTime.Now.AddDays(7); } 
    //Http Cookie, which gets add to the response
     context.Response.Cookies.Add(authCookie); }

    How can i create a cookie in wcf rest api, which gets add to the response directly which will eliminate the re creation of another cookie in mvc ? and also i would like to share the wcf rest cookie to other applications which are developed on other web techonologies.

    Friday, April 19, 2013 2:42 AM

Answers

  • User-742633084 posted

    Hi manikumaryeg...,

    I'm afraid there is no means which can directly set the cookie from your WCF service call (from the MVC app) to the MVC app's client (webbrowser end). This is because the HTTP communication of the two sides are totally separated. Just like below:

    • webbrowser client <--- http conection ---> ASP.NET MVC web app
    • ASP.NET MVC web app <--- http connection ---> WCF REST service

    the two HTTP communication totally have no idea of eachother.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 24, 2013 5:21 AM
  • User-742633084 posted

    Hi manikumaryeg...,

    I think the current means you use (extract the cookies returned from WCF REST service) and manually add them into the response of ASP.NET MVC request is the only way to propagate the cookies from the wcf service to front-end webbrowser side.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 24, 2013 10:10 PM
  • User-742633084 posted

    Hi Mani,

    So, what you want is actually a single-sign-on like solution (which is using cookie based authentication/authorization). Then, I think you can consider the following approach:

    * setup a centralized authentication server for handling the authentication and cookie generation. This centralized authentication service can be implemented by an ASP.NET httphandler or WCF service operation. For example, it will handle two kinds of requests:

    1) When client request for authentication with credentials (username+password), it validate the request and issue the cookie together with a token (could be a guid or other uniuqe identify)

    2) When client send request and supply a token, the server will help generate the proper authentication cookie (as if it is authenticated)


    * For ASP.NET MVC service, it can authenticate to the SSO server via WCF service call and get the token and cookies. It then pass the token to ASP.NET MVC's client (other web front ends). Later the web front-end can use this token to request for the authentication cookies from the centralized SSO site.

    You can search for some SSO related articles (use cookie based authentication) over web for more detailed ideas.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 24, 2013 11:08 PM

All replies

  • User-1000095884 posted

    Hi,

    If you want to send cookies from client when making wcf calls, you can custom a classes to implements IClientMessageInspector and IEndpointBehavior interfaces. For details, you can refer a sample in this blog.

    #Send Cookies When Making WCF Service Calls

    http://www.codeproject.com/Articles/190806/Send-Cookies-When-Making-WCF-Service-Calls

    Hope this helps.

    Best Regards.

    Monday, April 22, 2013 5:17 AM
  • User-742633084 posted

    Hi manikumaryeg...,

    I'm afraid there is no means which can directly set the cookie from your WCF service call (from the MVC app) to the MVC app's client (webbrowser end). This is because the HTTP communication of the two sides are totally separated. Just like below:

    • webbrowser client <--- http conection ---> ASP.NET MVC web app
    • ASP.NET MVC web app <--- http connection ---> WCF REST service

    the two HTTP communication totally have no idea of eachother.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 24, 2013 5:21 AM
  • User-1106622872 posted

    Hi Steven,

    Thanks a lot for the valuable info..it really helped me..can you please explain in detail 

    once again thank you!!!

    Wednesday, April 24, 2013 9:22 AM
  • User-1106622872 posted

    Hi Haixia,

    Thanks for your response..have worked on the process explained in that article but couldnt succeed in creating cookie in rest api

    Wednesday, April 24, 2013 9:34 AM
  • User-742633084 posted

    Hi manikumaryeg...,

    I think the current means you use (extract the cookies returned from WCF REST service) and manually add them into the response of ASP.NET MVC request is the only way to propagate the cookies from the wcf service to front-end webbrowser side.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 24, 2013 10:10 PM
  • User-1106622872 posted

    Hi Steven,

    Thanks for your response,my whole ideas was to use the cookie created from mvc ---> wcfrest api to use in php or some other web techonology for authentication. so manually adding cookie the response of ASP.NET MVC request is the only way to propagate the cookies from the wcf service doesnot serve my purpose. Steven,could you please suggest some approch on how can i achieve the above said functionality

    Wednesday, April 24, 2013 10:34 PM
  • User-742633084 posted

    Hi Mani,

    So, what you want is actually a single-sign-on like solution (which is using cookie based authentication/authorization). Then, I think you can consider the following approach:

    * setup a centralized authentication server for handling the authentication and cookie generation. This centralized authentication service can be implemented by an ASP.NET httphandler or WCF service operation. For example, it will handle two kinds of requests:

    1) When client request for authentication with credentials (username+password), it validate the request and issue the cookie together with a token (could be a guid or other uniuqe identify)

    2) When client send request and supply a token, the server will help generate the proper authentication cookie (as if it is authenticated)


    * For ASP.NET MVC service, it can authenticate to the SSO server via WCF service call and get the token and cookies. It then pass the token to ASP.NET MVC's client (other web front ends). Later the web front-end can use this token to request for the authentication cookies from the centralized SSO site.

    You can search for some SSO related articles (use cookie based authentication) over web for more detailed ideas.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 24, 2013 11:08 PM
  • User-1106622872 posted

    Hi Steven,

    Thanks a lot for the valuable suggestions and prompt response.will work on the approach suggested by you.

    cheers!!

    Wednesday, April 24, 2013 11:26 PM