Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

WCF how to pass token for authentication?

Tags:

wcf

token

wcf-security

I have a WCF service which would like to support basicHttpBinding and webHttpBinding. When the client successfully login, server will generate a token for client to pass to server on all the request make later. Question is how the client can pass the token to server? I don't want to add an extra parameter on every web method to hold the token.

like image 599
Kevin Avatar asked Apr 09 '10 04:04

Kevin

People also ask

How can I add authorization header to the request in WCF?

MessageHeader header = MessageHeader. CreateHeader("Authorization", "", "Basic Y19udGk6Q29udGlfQjNTVA=="); request. Headers. Add(header);

How token-based authentication works C#?

Token-based authentication is a process where the client application first sends a request to Authentication server with a valid credentials. The Authentication server sends an Access token to the client as a response. This token contains enough data to identify a particular user and it has an expiry time.

1 Answers

Typically, the best way to do something like this is passing such "meta-information" in a WCF header. You can easily create a message inspector to extend WCF (it's really not that scary and hard to do!) which would inject the token into every outgoing request from the client, and retrieve it from the header and validate it on the server side.

There are a number of pretty good blog post out there showing you how to create a message inspector:

  • Richard Hallgren's WCF postings
  • Writing a WCF message inspector
  • Automatic Culture Flowing with WCF by using Custom Behaviour

Check out the two relevant interfaces to implement:

  • IClientMessageInspector on the client side, which has a BeforeSendRequest and AfterReceiveReply message to implement
  • IDispatchMessageInspector on the server side, which has a AfterReceiveRequest and BeforeSendReply method to implement
like image 124
marc_s Avatar answered Nov 05 '22 05:11

marc_s
Sign in to Comment

Related questions

Options for RPC in Mono? (WCF Alternatives)
AutoStart/Pre-warm features not working in IIS 7.5 / WCF service
Unable to add service in WcfTestClient when copy to a different machine
Handling dropped clients in a duplex binding WCF application
WCF, RESTful Web Services and custom authentication
Is changing from wcf binding transferMode from "Buffered" to "Streamed" considered a breaking change for the client?
Difference between <endpointBehaviors> and <serviceBehaviors>
Which list/collection type is best to use in a WCF data contract?
What is the difference between wsHttpBinding and ws2007HttpBinding?
How to generate xs:Date in WCF OperationContract parameter
Sending JSON to WCF Rest Service - object is always null
WCF Authentication WITHOUT SSL
client will not catch generic FaultException< T >, only FaultException
Why is the first WCF client call slow?
Pitfalls of (Mis)Using C# Iterators to Implement Coroutines
IIS: web applications warmup
keeping a wcf callback channel open indefinitely / reconnecting from client if it faults
Fastest serializer and deserializer with lowest memory footprint in C#?
How can I force WCF to autogenerate WSDLs with required method parameters (minoccurs="1")?
WCF error "The size necessary to buffer the XML content exceeded the buffer quota" when throwing FaultException

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!