Archiving a service application in WCF

Question

Archiving a service application in WCF

I need help with the WCF application architect. There will be many services that should be available to serve several different customers, for example.

ASP.Net Application (JavaScript and / or Silverlight)
iPhone
Windows mobile
Android

Some services require authentication, and some will be available without authentication.

I need recommendations regarding services that require authentication, I want to use user credentials and password over SSL.

How (if possible / recommended for all types of clients) should I create it in WCF?

+4

wcf wcf-security

Fredrik jansson Jan 14 '10 at 13:04

source share

1 answer

Mark seemann · Accepted Answer · 2010-01-14T13:17:04+0000

You can (and should) separate authentication from the service implementation so that you can independently modify it. This is possible by implementing (or reusing) the ServiceAuthorizationManager .

The best part is that they can be defined in .config, and you can encode your entire service without knowing anything about how the user is authenticated.

If you need to know more about the user, you can use Thread.CurrentPrincipal .

To implement username and password verification, run UserNamePasswordValidator .

Archiving a service application in WCF

More articles: