0

I implemented a WCF service using custom authentication, it works fine when i pass a constant string of username and password into UsernameAuthentication class, Validate method and validate it there. But is there a way i can pass Dynamic Username, password and validate them. How can i implement this and access those values in this class.

class UsernameAuthentication : UserNamePasswordValidator
    {        
        public override void Validate(string userName, string password)
        {            
            var ok = (userName == "DynamicUserName") && (password == "DynamicPassWord");
            if (ok == false)
                throw new AuthenticationException("u/p does not match");
        }
    }
user1663996
  • 43
  • 5

1 Answers1

0

Inside the Validate method you will have to query your own user database and check if the username and password are valid. Usually you will use an RDBMS or an XML file where all user-data are stored.

Have a look at ASP.NET's Membership for an example of a database schema that supports role-based security. Even better, you could integrate ASP.NET's Membership with WCF. Hva a look at the "Control Access to and Usage of Public Web-Hosted Services" of this article. You could also read the chapter on security in Essential WCF by Resnick, Crane and Bowen where they describe many ways to support authentication/authorization in WCF services.

Panos Rontogiannis
  • 4,154
  • 1
  • 24
  • 29
  • I cant really query a db. I have a token value which is created for each request users makes in service. I need to pass that token to service and validate it in the call. I was looking ways to send it in service header or cache them, if anyone has implemented this before. – user1663996 Nov 26 '12 at 19:48