wcfauthenticationwcf-ria-serviceswcf-4

Custom "Basic" Authentication for my WCF services. REST and RIA. Possible?


My server side contains WCF4 REST services and I'm going to add RIA services for my future SL4 application. Currently I'm doing Basic authentication like this:

var auth = HttpContext.Current.Request.Headers.GetValues("Authorization");

And so on.. You get the idea.. I call this on every request. If header not present or I can't validate UN/Password - I do this:

outgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"Secure Area\"");

That got me by so far but I'm refactoring my server side. Implementing IoC for linked services. Created custom ServiceHost, ServiceHostFactory, InstanceProvider and all is well.

Now I need to figure how to properly handle authentication and authorization with WCF so I don't have to manually inspect headers. I do have my custom MembershipProvider so there have to be some method that get's UN/PW to process.

Any pointers? I looked at http://www.codeproject.com/KB/WCF/BasicAuthWCFRest.aspx but it uses RequestInterceptor and it is not available in WCF4. I found ServiceAuthenticationManager and ServiceAuthorizationManager but there is no samples available on how to code and wire those..

Can anybody suggest which way I should go?


Solution

  • Try to use this custom HTTP module. It will add new authentication mode to IIS and it will allow you using custom credentials validation.