.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Hash-based Message Authentication Code in WCF 4.0 RESTful service

Posted By:      Posted Date: April 10, 2011    Points: 0   Category :Windows Application

What is an ideal way of implementing "Hash-based Message Authentication Code" in WCF 4.0 REST, with out putting logic inside each service operation logic?  Can you give me an example of using ServiceAuthenticationManager or some kind of service behavior to accomplish this?


View Complete Post

More Related Resource Links

Sharepoint Claim Based Authentication Web Service issue


Hi all,

I have Configured sharepoint 2010 foundation to use claim based authentication with sqlmembership provider.

When i try to consume the webservice i get access denied error. The service i wish to consume is http://<server>:25757/_vti_bin/usergroup.asmx.

I tried to find out the issue i cannot consume the service as it redirects me to the login page. I also tried to pass the network credentials but same error. (Server was unable to process request. ---> Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

When i try to consume the same service of another web application (sharepoint 2010 foundation) it works. Only difference between the two web application is classic authentication with NTLM and other is CLAIM based authentication windows (with NTLM) / forms.


Best Regards,


Claims-based authentication w/ SP2010 Foundation and performing a web request in code


Hey all! Using VS2010 and SP2010 Foundation on Win2008R2 dev machine, the following code within a custom LDAP provider class originally worked using OOB authentication until I switched to claims-based authemtication. The purpose behind the code is to check a url for access using the existing user and return a true or false.

HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(Url);
myRequest.Method = "GET";
myRequest.UseDefaultCredentials = true;
myRequest.Timeout = 8000;
myResponse = myRequest.GetResponse();
streamReader = new StreamReader(myResponse.GetResponseStream(), System.Text.Encoding.UTF8);
string result = streamReader.ReadToEnd();

After switching to claims-based auth, I now get a 403 error in code regardless if the user has access or not. Here's the web.config:

<membership defaultProvider="i">

        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />

        <add name="CustomLDAPMembership" type="[custom ldap class]" server="[omitted]" port="

How to enable windows authentication for a RESTFul web service which is not hosted in IIS


I have created a WCF RESTFul webservice by following http://msdn.microsoft.com/en-us/library/dd203052.aspx. I am hosting my RESTful webservice in a window service (and not IIS) using the WebServiceHost class. 

Now I am struggling to get user's windows credentials in my web service methods. I looked at various code samples in forums for this. Almost all of them are hosting the service in IIS plus configuring  the service's settings using <system.serviceModel> tag.

I don't want to host my service in IIS plus as of now I haven't overridden any EndPoints, Behaviours etc in .config file.

I tried with below code in my window service's onstart method

WebServiceHost host = new WebServiceHost(typeof(MyService), new Uri(_serviceUrl));

ServiceAuthorizationBehavior myServiceBehavior = host.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
myServiceBehavior.PrincipalPermissionMode = PrincipalPermissionMode.UseWindowsGroups;


After putting above code I queried ServiceSecurityContext.Current and System.Threading.Thread.CurrentPrincipal  my RESTFul's method but they are showing no sign of return

RESTful service call results in status code 409 - why?


My RESTful WCF service has methods to retrieve and update an object.  The retrieval works just fine but the update (or PUT) doesn't.

Here's the service interface and implementation:


    public interface ICandidate
        Common.RestResponse<Person> GetPersonByIndex(string index);

        void UpdatePerson(string id, Person person);
    public class Candidate : ICandidate
        [WebGet(UriTemplate = "/{index}",
                RequestFormat = WebMessageFormat.Json,
                ResponseFormat = WebMessageFormat.Json)]
        public Common.RestResponse GetPersonByIndex(string index)
            Common.RestResponse result = new TWA.Common.RestResponse();

            int Index = 0;
            if (Int32.TryParse(index, out Index)) 
                List list = PersonService.GetPersonList(true, true, true);
                if (list.Count > Index)
                    result.Success = true;
                    result.Count = list.Count;
                    result.Data = list[Index];

creating a code based on the evaluation


I would like to create a simple program, like a game, but so far without any graphical interface. Only a code, supported with some numbers, so that the user will know whats going on in the background.

I was thinking of creating a racing game (like formula 1 or sometihng similar), with available data (attributes) like:

Driver: age, agility, concentration, experiance, stamina,...

Car: engine, chassis, tyres

Service Station: Building RESTful Clients


This column how to build clients applications based on the REST architecture using HTTP AP1s. The article describes how to address the question of autogenerated types and code.

Jon Flanders

MSDN Magazine October 2009

Service Station: An Introduction To RESTful Services With WCF


We discuss some of the basic tenets of REST as well as present an implementation of a RESTful service using WCF.

Jon Flanders

MSDN Magazine January 2009

Service Station: Authorization In WCF-Based Services


Windows Communication Foundation (WCF) provides an easy role-based system and a more powerful and complex claims-based API for implementing authorization in services.

Dominick Baier and Christian Weyer

MSDN Magazine October 2008

Cutting Edge: A Provider-Based Service for ASP.NET Tracing


When it comes to catching programming errors, the debugger is a developer's best friend. ASP. NET tracing, however, is a nice complement to the debugger and shouldn't be overlooked. It enables your ASP.

Dino Esposito

MSDN Magazine June 2006

Code Name WinFS: Revolutionary File Storage System Lets Users Search and Manage Files Based on Conte


One of the monumental problems organizations face today is aggregating information that's stored in disparate formats. Knowledge workers have long wanted to be able to search for content independent of format. The next version of the Windows operating system, code-named "Longhorn," boasts a new storage subsystem that makes that task easier. That subsystem, code-named "WinFS," allows the user to perform searches based on the metadata of the stored item, regardless of what type of file it is or which application created it. This article covers the basic architecture of WinFS and explains how to use the WinFS managed API.

Richard Grimes

MSDN Magazine January 2004

C++ and ATL: Use ATL Server Classes to Expose Your Unmanaged C++ Code as an XML Web Service


Throughout this issue, you'll read all about the promise of Web Services and how the .NET Framework enables Web Service development. Many people will also be building their Web Services atop C++ code and frameworks like ATL Server, particularly when performance is paramount. In this article, the authors show how fully functional Web Services are built using ATL Server and Visual Studio .NET. Beginning with unmanaged C++ classes, they add ATL attributes that make the code work over HTTP.

Kirk Fertitta and Chris Sells

MSDN Magazine December 2002

Design: Place XML Message Design Ahead of Schema Planning to Improve Web Service Interoperability


Web Services are all about exchanging data in the form of XML messages. If you were about to design a database schema, you probably wouldn't let your tool do it for you. You'd hand-tool it yourself to ensure maximum efficiency. In this article, the author maintains that designing a Web Service should be no different. You should know what kind of data will be returned by Web Service requests and use the structure of that data to design the most efficient message format. Here you'll learn how to make that determination and how to build your Web Service around the message structure.

Yasser Shohoud

MSDN Magazine December 2002

.NET GUI Bliss: Streamline Your Code and Simplify Localization Using an XML-Based GUI Language Parse


While Windows Forms in .NET has lots of cool features, if you're used to MFC, there are a couple of things you'll find missing, like doc/view, command routing, and UI update. The .NET answer to this is a code generator that writes new code for every single element. But there's a better way. In this article, Paul DiLascia shows how to develop an XML-based GUI language parser for .NET that lets you code resources, menus, toolbars, and status bars in XML instead of with procedural code. He also shows how a user interface based on XML can easily be localized using standard .NET techniques, and introduces his very own library, MotLib.NET, with lots of GUI goodies for your programming pleasure.

Paul DiLascia

MSDN Magazine November 2002

Tamper-Resistant Apps: Cryptographic Hash Algorithms Let You Detect Malicious Code in ASP.NET


Cryptographic hash algorithms produce fixed-length sequences based on input of arbitrary length. A given input always produces the same output, called a hash code. Using these algorithms, you can compute and validate hash codes to ensure that code running on your machine has not been tampered with or otherwise changed. ASP.NET provides a software mechanism for validating hash code fingerprints for every page requested by a client. In this article, the author shows how to use hash codes with ASP.NET applications to detect tampering and prevent malicious code from running when tampering is detected.

Jason Coombs

MSDN Magazine September 2002

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend