0

I'm working on a WCF Web Service, I need to use Basic Authentication over HTTPS and should validate against LDAP for Security and Authentication.

public class BasicAuthenticationModule: IHttpModule 
{ 
public void Init(HttpApplication context) 
{ 
    context.AuthenticateRequest 
       += new EventHandler(context_AuthenticateRequest); 
} 
  void context_AuthenticateRequest(object sender, EventArgs e) 
  {
  } 
}

I used the Code from this link for building the above said part.hooked the AUTHENTICATE_REQUEST event to handle the Authentication required for my service.

I'm having the following issue: When I open the service in Browser, before I can enter the credentials it enters the Authenticate request event handler and since Authorization header is not available it asks for credentials. But after I enter the credentials it is not getting inside the AUTHENTICATE REQUEST event handler but this time the Authorization Header is available but could not authenticate it and hence I'm not able to access the WCF service and it throws I'm not authorized.

Please let me know how can I make the Authenticate request to be called for every request??

I'm helpless with the issue.

Arun Gopinathan
  • 378
  • 4
  • 11

1 Answers1

0

You need to make sure that all other authentication modules in IIS are disabled; with the possible exception of the anonymous authentication module. The latter seems to be required in some circumstances and not in others. I have not been able to pinpoint what causes this difference to arise. If you disable all authentication modules (exception yours) and you see the server returning a 401.2 status, then you will need to enable anonymous authentication.

Terry Coatta
  • 595
  • 4
  • 14
  • Hi @Terry Coatta thanks for your response. The requirement has changed for us we need not use LDAP and we can use Basic Authentication over HTTPS and Active Directory Authentication. So I need not implement the custom Authentication module !whew....!. – Arun Gopinathan Nov 07 '13 at 17:17