Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / May 2008

Tip: Looking for answers? Try searching our database.

"Logging in" to a WCF service

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
nathan.alden@gmail.com - 13 May 2008 23:08 GMT
I have a Windows application that must "log in" to a remote service.
Once logged in, for all subsequent service calls the Windows
application should somehow pass a "session context" in each message to
the service, which will then be compared to session information stored
in SQL Server. However, for each service call a new client proxy is
created, i.e. I'm not reusing the same proxy over and over.
Essentially, I need to emulate what traditional ASP.NET sessions do.

I've done pretty much all the research I can looking into WCF
federation (RSTRSTR) but haven't come up with anything understandable.
I also know that WCF's concept of a session is not inherently
sufficient for what I'd like to do. I was curious what best practices
there were or whether anyone else has attempted something like this.

Thanks.
Reply to this Message
Jeremy Shovan - 14 May 2008 00:04 GMT
I have done something similar to this a while back with WCF. I ended up
using an encrypted token that held a session id and the time that the token
was created (used for expiration). We had a "log in server" that held
authentication information, this server would create our token and pass it
onto the server that is hosting the WCF service. If I recall correctly I
used an HttpModule to grab the encrypted token off of the request and
validated it at that time.. if it wasn't valid I simply closed the response
stream.

You could probably use something similar to this only hold an id in your
encrypted token that identifies session information that you have stored in
SQL Server. Just include the token on each of your calls through your
various proxies.

Jeremy Shovan

> I have a Windows application that must "log in" to a remote service.
> Once logged in, for all subsequent service calls the Windows
[quoted text clipped - 11 lines]
>
> Thanks.
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.