views:

3750

answers:

6

I recently wrote a webservice to be used with Silverlight which uses the ASP.net membership and roles.

To validate the client in the service I look at the HTTPContext.Current.User (Which works when the service is called from Silverlight)

However, I've been trying to call the same service from an asp.net postback. But when I step-thru to the service the HTTPContext.Current has an emplty string for the username.

I'm guessing there is something that I'm not doing in the web.config file which is causing the httpContext to not be sent through the proxy to my service?

Any ideas would be appreciated. I need to be able to validate the client somehow using asp.net membership and roles and have it work from both an asp.net client and a silverlight client.

A: 

Not sure how it is working from Silverlight but not ASP.Net, but for starters here is a good blog post on how to setup WCF to work with ASP.Net membership providers. There are quite a few steps so this could be pretty easy to miss a setting.

Once you get that working correctly then I imagine both should work correctly.

Bryant
A: 

I think it may be because my wcf service is in my silverlight.web project, and perhaps they are more friendly when it comes to sharing.

I may need to read up more on wcf and create a greater seperation of concerns by setting up a seperate webservice project?

JSmyth
+1  A: 

Instead of HTTPContext try ServiceSecurityContext.Current.PrimaryIdentity

ServiceSecurityContext is null - Although I do have <security mode="None"/> For the service, maybe I have to setup certificates or something?
JSmyth
A: 

Update:

Ok I've taken a look at the HTTP Post request using Fiddler

Looks like the Silverlight App is sending a 'State' with an authorization cookie and my asp.net app isn't.

Looks like I need to send the state + my authorization cookie when I call the service. I may need to formulate a new question soon...

JSmyth
+2  A: 

I have solved it!

Looks like by default the Silverlight application was sending all the browsers cookies to the service. One of these cookies is the ".ASPXAUTH" cookie to authenticate against the membership and roles.

The asp.net application however was not sending the cookies to the service. To send the authorisation cookie I used the following code before calling my webservice method.

    using (OperationContextScope scope = new OperationContextScope(ws.InnerChannel))
    {
HttpRequestMessageProperty httpRequest = new HttpRequestMessageProperty();
OperationContext.Current.OutgoingMessageProperties.Add(HttpRequestMessageProperty.Name, httpRequest);

            HttpCookieCollection cc = Page.Request.Cookies;
            if (Request.Cookies[".ASPXAUTH"] != null)
            {
                HttpCookie aCookie = Request.Cookies[".ASPXAUTH"];
                String authcookieValue = Server.HtmlEncode(aCookie.Value);
                httpRequest.Headers.Add("Cookie: " + ".ASPXAUTH=" + authcookieValue);

            }
// Webservice call goes here
    }
JSmyth
A: 

hi, can anyone provide a sample code for this working in MVC / silverlight / webservice

thanks in advance