Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Basic Authentication with WCF REST service to something other than windows accounts?

Tags:

rest

wcf

Is there a clean way to expose a WCF REST service that requires basic authentication, but where we handle the actual validation of the username/password ourselves? It seems that when you tell WCF in config that you want to use basic authentication, it forces you to turn on basic authentication in IIS and IIS can only do basic authentication against window accounts.

The only hack we have found is to lie to WCF and tell it there is no security on the service and then do authentication outside of the WCF stack using a generic IHttpModule (which has a proprietary config file to indicate which URLs have which authentication/authorization requirements).

It seems like there should be a better way. Anyone have one?

like image 410
Erv Walter Avatar asked Mar 18 '09 23:03

Erv Walter


1 Answers

The WCF REST Contrib library enables this functionality:

http://github.com/mikeobrien/WcfRestContrib

It also allows you to secure individual operations.

like image 183
hcoverlambda Avatar answered Oct 15 '22 06:10

hcoverlambda