none
How to get username of authenticated user after successfull authentication? RRS feed

  • Question

  • I've been studying the implementation of username-password authentication for a WCF service on the public internet:

    http://social.msdn.microsoft.com/Forums/vstudio/en-US/3fa69c2c-27db-4ad4-b0b1-4191b16aec62/how-to-imlement-usernamepassword-authenticationauthorization-with-session-id?forum=wcf

    I've have since found quite a few other articles on this topic (it is all a matter of having the right keywords in your bing/google search!).

    After my service successfully authenticates a public internet user by comparing the username and password against values in a database and the client app makes a subsequent call to my service, how do I get the username inside that web method?

    This is important: when I perform my database queries, updates and inserts, I don't want to  mix up my current user's (Joe's) data with other users' (Mary's or Jane's) data that my WCF service will be manipulating on their behalf.

    Since this WCF service is exposed on the public internet to accommodate cell phone and other apps, I'm not interested in windows or certificate authentication.

    Thanks

    Siegfried


    siegfried heintze


    • Edited by siegfried_ Wednesday, July 30, 2014 11:20 PM
    Wednesday, July 30, 2014 11:18 PM

Answers

  • Hi,

    If your users authenticated with a Windows user credential at your WCF service, you'll be able to find their credentials under

    ServiceSecurityContext.Current.WindowsIdentity

    If your users authenticated with a certificate, you'll find their identity (which is going to be a CertificateIdentity instead of a WindowsIdentity) under

    ServiceSecurityContext.Current.PrimaryIdentity

    If neither the Windows nor the certificate path work for you, WCF also enables us to create our own custom authentication scheme, in which case you'd need to write an extension for WCF, plug it in, and you'd get username/password of your calling users sent to you to validate against any kind of custom store you might have.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Friday, August 1, 2014 7:54 AM
    Moderator