.NET Tutorials, Forums, Interview Questions And Answers

WCF Custom Authentication and Authorization

Posted Date: September 06, 2010    Points: 0    Category: WCF
Hi, I'm porting a recently developed asmx service to a WCF service. We have used WSE3.0 UsernameToken authentication for the asmx service. The service authenticates the username and password against AD and then gets a list of things the account can do for authorization. I'm trying to do this with WCF. I've got the authentication working. The authorization is causing me problems. In the asmx service I read the username and password off the UsernameToken with this UsernameToken token = (UsernameToken)RequestSoapContext.Current.IdentityToken. I can get the username and password in the WCF service using a custom UserNamePasswordValidator which works great but how is best to do the authorization? I can't do it in the custom validator because that is common to all services for the project. So I have to do it at a later stage which means reading the username and password somehow (off the channel?) Any ideas?   Thanks


More Related Resource Links

Custom Authentication and Authorization in ASP.NET MVC

How to setup custom authorization in ASP.NET MVC? | Understanding the concept of Custom authentication and authorization with the help of an example.

require guideline for 'Role-based authentication/authorization'



In my asp.net website in VS-2005 with SQL-Server 2005 as db, I need to implement role-based Authentication/Authorization.

I am familiar with the practices used in role-based authentication, as I have previously worked on projects that used this method. However, my project lead used to design the database. Now I have an existing website where authentication has been set to anonymous by setting 'allow users="?"' in the authentication tags in web.config.

If I use the CreateUserWizard control and use the Membership.CreateUser(.....) method in code-behind, will the ASP.NET security tables, like users, roles, userinrole etc., get created on their own? Can anyone please give the proper steps on how to achieve this?

Using ONLY User Certificates for SharePoint 2010 Authentication/Authorization

Hello, I am relatively new to SharePoint, and was wondering how I can accomplish using only user certificates to authenticate (and eventually authorize) access to the SharePoint 2010 Server (not just IIS). My environment currently looks like this:

- SharePoint is SSL-enabled
- User browser certificates (generated using OpenSSL) successfully authenticate to the IIS server
- SharePoint uses Basic Authentication (user/password based on AD credentials)

I need to:

- Authenticate the user to SharePoint using the user certificate from my browser (in other words, no password authentication to access the SharePoint website, but use the certificate that was used by IIS to be able to log into SharePoint)

I am assuming I must use some sort of claims-based authentication. Ideally, I would like to use ONLY the certificate itself as a source of Authorized Repository for authentication. However, I am also open to having the user certificate be linked to Active Directory users as well. I have done some research on this but am still lost as to how to approach this problem. Is there anyone that has done this or can assist me in getting this to work? Any help would be greatly appreciated. Thanks!

WCF IP authentication / authorization

I need to secure my WCF web service.  I wish to only allow messages coming from a certain IP to make calls to my web services.  Is there a way to detect the client's IP address and permit or not permit the message call to be made from the web service level?  What would be the best way of doing this? I cannot use IIS to filter out IP's because my web service sits behind a reverse proxy so all traffic hitting the web server has the same IP address.  Thanks DW

SSRS 2008 Custom Authentication works when using ReportServer url but not when report manager url is

Hi, I am using SSRS 2008 with a custom security extension for authentication. The extension is developed in C#. I have placed the dll under the report server bin and report manager bin directories and the logon/login pages under the appropriate directory. My report manager url is http://localhost:port/Reports and my report server url is http://localhost:port/ReportServer. When I try to log in through the report manager url, I am getting a 'login failed' error message from the dll. But when I try to log in using the report server url, it works. I have also set the 'FullTrust' named permission set in RSMgrPolicy.config.

    <CodeGroup class="FirstMatchCodeGroup" version="1" PermissionSetName="FullTrust" Description="This code group grants MyComputer code Execution permission. ">
        <IMembershipCondition class="ZoneMembershipCondition" version="1" Zone="MyComputer" />

Any suggestions please! Thanks!

Best way to implement authentication and authorization for a sharepoint 2010 website.

Hi, I have come across different authentication methods in SharePoint 2010. The SharePoint website we are developing as of now is Intranet. Later we are planning to move it to an Internet (public) site. What will be the best way to implement authentication and authorization for our website?

If Windows authentication (Classic mode authentication) is the default for a SharePoint website (2010), I have a few questions regarding Windows authentication.

1) In case of Windows authentication, where should we maintain users?
2) In case of Windows authentication, how are the users created?
3) In case of Windows authentication, how can I perform authorization?

If we want to use FBA (Form based authentication) in SharePoint 2010, I have a few questions regarding FBA in SharePoint 2010.

1) In case of FBA (using Claim based authentication), if we want to use a custom database (where we are storing user details and roles) rather than the built-in SQL membership provider, how can we achieve this?

Can anyone provide some useful resources to implement authentication (Windows or FBA or dual) and authorization for a SharePoint 2010 website with sample code? Please reply ASAP. Thanks & Regards, Mahendra Babu

silverlight + WCF Service + Dynamic proxy(custom binding) + basic authentication on iis

Hi all, I am having an issue with how to get the Windows identity in a Silverlight project. Below is my scenario: the Silverlight application needs to get data from the server via a WCF service. I built a dynamic proxy at runtime and also used a custom binding in this case. Now my application needs to be deployed on IIS with "basic authentication" chosen as the authentication mode. Thus the authentication mode I have chosen in WCF is "<security authenticationMode="UserNameOverTransport">". At the client side, where the project is Silverlight, I need to have a dynamic proxy with a custom binding. My question is: in basic authentication, how can I get the Windows identity to set on channelFactory.Credentials:

    _channelFactory = new ChannelFactory<TWebService>(this._binding, new EndpointAddress(_endpointAddress));
    _channelFactory.Credentials.UserName = new UserNamePasswordClientCredential();
    _channelFactory.Credentials.UserName.UserName = "username";
    _channelFactory.Credentials.UserName.Password = "password";

actually, i do not want to use Windows a

Form Based Authentication with Custom database

Hi, I have a Sharepoint 2010 web application and I want to implement FBA(Form Based Authentication) for that. I don't want to use any membership providers and role providers. I have a SQL server database where we will maintain users and roles. I want to use this database for validating user credentials and authenticating them. Is this possible in Sharepoint 2010? Please reply ASAP.

Custom Authentication migration question

A migration question... sorry if outdated. In my student times I wrote an application in ASP.NET. Now I wish to upgrade the code to a later Framework version but want to keep the database structure and old authentication. Could anyone please send a link to a good article on how to make custom authentication in Framework 3.5? And a general question: is it better to move to the built-in authentication functionality? If yes, then why? Many thanks

WCF custom authentication

Hi, I am unable to get custom authentication working from Visual Studio 2010 with the 3.5 framework. What am I doing wrong? Thanks. Here's my name password validation class.

    using System;
    using System.IdentityModel.Selectors;
    using System.IdentityModel.Tokens;

    public class CustomUserNameValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            // Reject missing credentials before comparing them.
            if (null == userName || null == password)
            {
                throw new ArgumentNullException();
            }
            // Fixed test credentials; any other pair is rejected.
            if (userName != "abc" || password != "123")
            {
                throw new SecurityTokenException("Unknown Username or Incorrect Password");
            }
        }
    }

Here's

WCF Kerberos Authentication Custom Binding

Hello, I am using Kerberos as the Authentication mode for a WCF Client to interact with an ASMX Web Service. I am using customBinding in the WCF Client. I am getting the below mentioned Fault Exception when I invoke the HelloWorld Method by creating a Proxy using SVCUTIL.

    System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.InvalidOperationException: WSE914: This instance of derived key token does not support encryption, decryption, or key wrapping. It can only be used to sign or verify signature. Please make sure that the length of the derived key matches the length of the key required by the symmetric encryption algorithm configured for the derived key token manager.
       at Microsoft.Web.Services3.Security.Tokens.DerivedKeyToken.Psha1SymmetricKeyAlgorithm.get_EncryptionFormatter()
       at Microsoft.Web.Services3.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo)
       at Microsoft.Web.Services3.Security.EncryptedData.Decrypt(XmlElement encryptedElement)
       at Microsoft.Web.Services3.Security.EncryptedData.Decrypt()
       at Mic

Forms Based Authentication - problem with custom master page and login page



I have successfully enabled and set up FBA (Forms Based Authentication) on my SharePoint 2010 Foundation server. The thing is that I need to customize the look and feel of the login page. I have successfully customized the page (and master page) to look the way I want, however, when I try to log in, I get the following error/message on the page:
"Forms Based Authentication on classic Web applications has been deprecated".

What I've done:
Made copies of /_layouts/simple.master and /_layouts/login.aspx and renamed the copies. The markup in the master page is MUCH simpler than the original, but I've kept all the ContentPlaceholders that I don't use (most of them) in a hidden <asp:Panel at the bottom of the page.

I've changed the web.config file:
<authentication mode="Forms">
      <forms loginUrl="/_layouts/loginCustom.aspx" />

So, I'm not getting any errors on the page until I try to log in. When I use the default settings (login.aspx and simple.master) it works just fine (but damn that page looks ugly!).

Does anyone know what I might be missing?

Update: I believe the reason it doesn't work is because my custom login aspx is not part of the Claims Based Web Application (because it's sitting

need help with sharepoint (wss 3.0) with Windows authentication and Custom Role provider

I'm trying to set up SharePoint (WSS 3.0) to use my custom role provider with Windows authentication. I've modified the web.config to enable the role manager and I am able to select my custom roles when assigning permissions, but it doesn't seem like SharePoint is checking the permissions against my custom roles. If I enable Forms authentication and use my custom membership provider it all works as expected, but I do not want to use FBA because of the issues with Client Integration. Essentially I want all the features that come with the default Windows authentication but just have permissions be controlled from my custom role provider. Can anyone offer any solution or suggestions?

WCF authentication/authorization model question


Hello community

I'm building an SOA application, WCF services and RESTful ASP.NET/Java clients. I want to authorize/authenticate each client and be able to authorize/authenticate users of each client. Example:

  • there are 10 services running under the main application.
  • company A is authorized to use 5 services.
  • company A users have 3 different groups and will access different classes/functions within the services provided for company A.

I want to use webHttpBinding for RESTful support and Ajax calls (jQuery, since I'll have a Java client as well) along with authentication.

Is it even possible to authorize clients/users on a wsHttp or basicHttp binding and let them use webHttpBinding in another service with a role provider or declarative authorization? Can anyone suggest what sort of authorization/authentication combination model I should use?

How to achieve Custom Forms Authentication



In my earlier version, I used Active Directory to authenticate users, which was custom, in the sense that I had passed the UserName and password along with a token request through the data layer to authenticate against AD. It would eventually check the DomainName\UserName and password against AD and get authenticated.

Well, now I have to do a similar thing using Forms.
Can someone explain in detail how I can achieve this custom forms authentication?

Custom authentication



I followed the instructions at the following link http://msdn.microsoft.com/en-us/library/cc281383(v=SQL.100).aspx to config a custom authentication, but I get the following error when I try to access the Report Manager:

StringStartsWith can't accept null parameters

I need this configuration to use the anonymous account for access to the report server; then the login dialog will disappear for all clients (I HOPE). So can anyone help me to resolve this problem? Thanks



Authorization Manager (AzMan) as role provider with Windows integrated authentication in SharePoint


Hi all,

First I will describe my environment: Windows Server 2008 R2 x64, IIS 7, SQL Server 2008 and MOSS 2007 Enterprise Edition SP2 x64.

I am trying to setup SharePoint 2007 portal to use Windows integrated authentication with Authorization Manager (AzMan) as role provider.

I have set up an authorization store and defined a set of roles in there. Further I configured the web.configs of my SharePoint environment to use AzMan as role provider.

In IIS I see the roles appearing, but unfortunately those roles are not available in my SharePoint portal. I also see a notification in IIS stating that Forms authentication has to be used.

What should I do to configure it correctly? Is it even possible to use AzMan with Windows authentication in SharePoint 2007?

Thanks in advance.

With kind regards,



