If your users are in a SQL membership store, use the SQL Membership Provider

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

If your user information is already stored in the aspnetdb database, or if you are building the application from scratch, use the SQL Membership provider to authenticate your WCF service clients. The Membership Provider will attempt to authenticate incoming client credentials against the credentials stored in the SQL Membership database.

The membership feature is a good choice as it allows you to enable user name authentication without writing and maintaining custom code.

The SQL Membership provider is configured in the Service config file. The following example demonstrates a Service SQL Membership Provider configuration.
….
<connectionStrings>
    <add name="MyLocalSQLServer"
         connectionString="Initial Catalog=aspnetdb;data source=10.3.19.60;Integrated Security=SSPI;"/>
</connectionStrings>
<system.web>
….
      <membership defaultProvider="MySqlMembershipProvider" >
        <providers>
          <clear/>
          <add name="MySqlMembershipProvider"
               connectionStringName="MyLocalSQLServer"
               applicationName="MyAppName"
               type="System.Web.Security.SqlMembershipProvider" />
        </providers>
      </membership>
….
</system.web>
….

Set your binding to use UserName Authentication as follows
….
<bindings>
  <wsHttpBinding>
    <binding name="BindingConfiguration">
      <security>
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
….

Set the Service Credentials configuration to use the membership provider with username authentication
….
<serviceBehaviors>
  <behavior name="BehaviorConfiguration">
    <serviceCredentials>
      <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
        membershipProviderName="MySqlMembershipProvider" />
    </serviceCredentials>
  </behavior>
</serviceBehaviors>
….

The following example demonstrates a client connection to the service:
// Set credentials to Alice
client.ClientCredentials.UserName.UserName = "Alice";
client.ClientCredentials.UserName.Password = "ecilA-123";

Last edited Apr 23, 2008 at 11:22 PM by prashantbansode, version 2

Comments

No comments yet.