Authenticate WCF when called from jquery($.ajax)

Question

We are calling the WCF from javascript in html file.

How to apply authentication to WCF service(not REST Service) when called from jquery($.ajax).

Also we do not want to install any CERTIFICATE on the server where WCF is deployed.

Answer 1

Ajax will in your case use token of the user who has opened the browser. When you open the web-page (which contains your ajax code) some authentication will be explicitly (you must provide credentials) or implicitly (existing Windows token will be used) done.

Outgoing call to WCF will use that token automatically.

The authentication type is defined by your host, probably IIS.

---

Damir Dobric
developers.de
daenet.de
daenet.eu
daenet.com

Answer 2

Thanks for your reply.

But we are calling the WCF from javascript in .html page and not web-page(.aspx page).

How to apply authentication when WCF called from  javascript in .html page.

Answer 3

Hi, it is similar for html page and the aspx page.

Answer 4

Thanks for reply.

If, for e.g., WCF is authenticated with UserName and Password, then from aspx page we can pass username and password.
But for WCF called from jQuery(in HTML page and NOT ASPX page), still we need to get and pass UserName and Password ???.

Or any other way to apply WCF authentication when called from jQuery in .html page?

Answer 5

Hi,

You can authenticate the service with windows authentication, the service will send response to acquire user's windows credential, if the browser cached the windows credential, it will provide it to service without user's notification, if not, a dialog popup to ask user's windows username/password. Please take a look at the discussion in this thread.

http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/16a3456d-d5ce-42e3-8e56-a8f663c010e9

Another thread on how to provide basic credential in javascript.

http://stackoverflow.com/questions/1002179/how-can-i-pass-windows-authentication-to-webservice-using-jquery

Hope these information can help you.

Best Regards.

---

Haixia
MSDN Community Support | Feedback to us
Develop and promote your apps in Windows Store
Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Answer 6

Thanks for your reply.

http://stackoverflow.com/questions/1002179/how-can-i-pass-windows-authentication-to-webservice-using-jquery

The above link has the example of webservice.

My query is that is it possible to authenticate WCF with UserName and
Password when called from jquery and call any operation contract of the
service.

This can be done using WCF Rest service. But we do not want to use WCF Rest service.

Also we donot want to install any certificate on server.

Answer 7

Hi,

if your webservice is properly configured for Transport security, UserNameToken credentials only, your client code (JS) does not have to do anything. Your client web applications is started from WebServer. before your applications can download any HTML (ASPX) file the user will have to authenticated.
Whatever the authentication is used, once the browser has received the response it will keep that token (NTLM, Kerberos or UserNamePwd).

For any next request query or not, HTML or SVC, browser will send the token obtained on the first response.
When after all your WCF service is invoked, you must ensure that the service is configured to receive that token.

For example, if the first request to default.aspx was used via NTLM authentication and WCF is configured to use BasicCleartext (TransportSecurity with UserNameCredentials) it will fail.

BTW, you can implement your own authentication with BasicCleartext (appending username pwd credentials to authorization header) to do any additional tweek you might like. For example your asp.net application use Kerberos and WCD uses username token. However this is a more complex task I personally find it out of scope of this discussion.

Hope this helps. :)

---

Damir Dobric
developers.de
daenet.de
daenet.eu
daenet.com