none
how to call client credentials automatically? RRS feed

  • Question

  • i having a WCF service and custom username password validator, service is running good.

    I m consuming this service in a .net client through proxy (generated by add service reference).

    On client side, in each request i has to send the user credetials like below,

    proxy.ClientCredentials.UserName.UserName = "1";
    proxy.ClientCredentials.UserName.Password = "2";

    Is there any way to write some service extesion so that I don't need to pass above credentials manually with every call?

    I found somewhere this LINK with the use of message inspector, but not works for me. Please suggest!

    Friday, May 16, 2014 9:18 AM

Answers

  • Hi,

    Maybe you can use SOAP header to pass information you need. The service can either check a "usernameandpassword" header or check a "sessionticket" header. For the first reqeust client passes username and password information via the "usernameandpassword" header. (since there's no mechanism to protect the password in SOAP level by default, you need to either encrypt the password yourself or using a trasport level security mechanism)When the service get the information from "usernameandpassword" header it's responsible to generate a session ticket (encrypted with a key that is only known by itself) and send back to client (wrapped in the SOAP header in response as well). For subsequent requests client can send the session key via "sessionticket" header. If the service see there's a value in "sessionticket" header it may decrypt it and valid it. If it's a valid ticket the service knows the client has been logged on before. You may include a lot of information in the ticket, including create time, expire time, username, etc.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.



    Monday, May 19, 2014 8:26 AM
    Moderator

All replies

  • what kind of Authentication mode your service is configured ? If it is windows, You can pass the Client credential as below,

    proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;


    Lingaraj Mishra

    Friday, May 16, 2014 10:14 AM
  • You can if the client and server are using the same DNS Password Server to obtain passwords and the Group Policy is set to allow access.   Then you use Defalt Credentials.

    See webpage below

    http://stackoverflow.com/questions/17968307/how-to-set-proxy-credentials-to-specific-wcf-client


    jdweng

    Friday, May 16, 2014 10:19 AM
  • hello,

    i m not using "UserName" authentication instead of Windows.

    <security mode = "TransportWithMessageCredential">

    <message clientcredentialType = "username"/>

    </security> 

    Friday, May 16, 2014 3:53 PM
  • Hi,

    Maybe you can use SOAP header to pass information you need. The service can either check a "usernameandpassword" header or check a "sessionticket" header. For the first reqeust client passes username and password information via the "usernameandpassword" header. (since there's no mechanism to protect the password in SOAP level by default, you need to either encrypt the password yourself or using a trasport level security mechanism)When the service get the information from "usernameandpassword" header it's responsible to generate a session ticket (encrypted with a key that is only known by itself) and send back to client (wrapped in the SOAP header in response as well). For subsequent requests client can send the session key via "sessionticket" header. If the service see there's a value in "sessionticket" header it may decrypt it and valid it. If it's a valid ticket the service knows the client has been logged on before. You may include a lot of information in the ticket, including create time, expire time, username, etc.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.



    Monday, May 19, 2014 8:26 AM
    Moderator
  • [DataContract]
        public class ErrorHandle
        {
            public ErrorHandle();

            [DataMember]
            public string Message { get; set; }
            [DataMember]
            public bool Success { get; set; }
        }

    [DataContract]
        public class MetaDataRegistryResponse : ErrorHandle
        {
            public MetaDataRegistryResponse();

            [DataMember]
            public string ReturnXML { get; set; }
            [DataMember]
            public string ValResult { get; set; }
        }

    [OperationContract]
            MetaDataRegistryResponse MetaDataRegistry(MetaDataRegistryRequest argMetaDataRegistryRequest);

    [DataContract]
        public class MetaDataRegistryRequest
        {
            public MetaDataRegistryRequest();

            [DataMember]
            public string StrXML { get; set; }
        }

     public MetaDataRegistryResponse MetaDataRegistry(MetaDataRegistryRequest argMetaDataRegistryRequest)
            {
                Guid gUid = new Guid();
                MetaDataAttributes metaDataAttributes = new MetaDataAttributes();

                MetaDataRegistryResponse metaDataRegistryResponse = new MetaDataRegistryResponse();
                StringBuilder responseXML = new StringBuilder();

                try
                {
                    XmlDocument inputXml = new XmlDocument();
                    //load the input xml payload
                    inputXml.LoadXml(argMetaDataRegistryRequest.StrXML);
                    //get company GUI
                    gUid = new Guid(inputXml.SelectSingleNode("PDI_Approval_MetaData/SourceDetails/SourceSystem").Attributes["Name"].Value.Trim());

                    ASUtils.LoadConnectionCache(StateManager, gUid);
                    metaDataAttributes.AuditContext.IsAuditEnabled = false;
                    metaDataAttributes.RequestXml = argMetaDataRegistryRequest.StrXML;
                    metaDataAttributes.CompanyGUID = gUid;
                    metaDataAttributes.RecStatus = OperationType.Insert;
                    metaDataAttributes.Save(null);

                    #region Create approver system response

                    if (metaDataAttributes.SourceSystem != "" && metaDataAttributes.TransactionType != "" && metaDataAttributes.TransactionVersion != ""
                         && metaDataAttributes.ErrorCode != "" && metaDataAttributes.ErrorDiscription != "")
                    {
                        responseXML.Append("<PDI_Approval_MetaData>");
                        responseXML.Append("<SourceSystem>" + metaDataAttributes.SourceSystem.Replace("'", "&apos;").Replace(">", "&gt;").Replace("<", "&lt;").Replace("&", "&amp;").Replace("\"", "&quot;") + "</SourceSystem>");
                        responseXML.Append("<TransactionType>" + metaDataAttributes.TransactionType.Replace("'", "&apos;").Replace(">", "&gt;").Replace("<", "&lt;").Replace("&", "&amp;").Replace("\"", "&quot;") + "</TransactionType>");
                        responseXML.Append("<TransactionVersion>" + metaDataAttributes.TransactionVersion + "</TransactionVersion>");
                        responseXML.Append("<Message>");
                        responseXML.Append("<Code>" + GetMessageFromResourceFile(metaDataAttributes.ErrorCode).Replace("'", "&apos;").Replace(">", "&gt;").Replace("<", "&lt;").Replace("&", "&amp;").Replace("\"", "&quot;") + "</Code>");
                        responseXML.Append("<Description>" + GetMessageFromResourceFile(metaDataAttributes.ErrorDiscription).Replace("'", "&apos;").Replace(">", "&gt;").Replace("<", "&lt;").Replace("&", "&amp;").Replace("\"", "&quot;") + "</Description>");
                        responseXML.Append("</Message>");
                        responseXML.Append("</PDI_Approval_MetaData>");
                    }

                    metaDataRegistryResponse.ReturnXML = responseXML.ToString();

                    #endregion

                }
                catch (Exception ex)
                {

                    #region Create exception response

                    metaDataRegistryResponse.Success = false;
                    metaDataRegistryResponse.Message = ASConstants.TransactionStatus.INVALID_METADATA_REGISTRY_SYSTEM_ERROR.ToString();

                    responseXML.Append("<Message>");
                    responseXML.Append("<TranStatus>" + metaDataRegistryResponse.Message + "</TranStatus>");
                    responseXML.Append("<Error>" + ServiceResource.SystemExceptionMessage + "</Error>");
                    responseXML.Append("</Message>");

                    metaDataRegistryResponse.ReturnXML = responseXML.ToString();

                    #endregion

                    PDILogger.WritePDILogger(ex, gUid);
                }

                return metaDataRegistryResponse;
            }

    Wednesday, May 21, 2014 3:27 PM