views:

124

answers:

3

I have a web application that accesses a database through a wcf service. The idea is to abstract the data from the web application using the wcf service. All that works fine but I am also using the built in roleprovider using the SqlRoleManager which does access the aspnetdb database directly. I would like to abstract the roleprovider by creating a custom roleprovider in a wcf service and then accessing it through the wcf service.

I have created the custom role provider and it works fine but now I need to place it in a wcf service.

So before I jump headlong into trying to get this to work through the WCF service, I created a second class in the web application that accessed the roleprovider class and changed my web config roleprovider parameters to use that class. So my roleprovider class is called, "UcfCstRoleProvider" and my web.config looks like this:

    <roleManager 
    enabled="true" 
    defaultProvider="UcfCstRoleProvider">
  <providers>
    <add 
        name="UcfCstRoleProvider" 
        type="Ucf.Security.Wcf.WebTests.UcfCstRoleProvider, Ucf.Security.Wcf.WebTests" 
        connectionStringName="SqlRoleManagerConnection" 
        applicationName="SMTP" />
  </providers>
</roleManager>

My class starts like this:

    public class UcfCstRoleProvider : RoleProvider
{
    private readonly WindowsTokenRoleProvider _roleProxy = new WindowsTokenRoleProvider();

    public override string ApplicationName
    {
        get
        {
            return _roleProxy.ApplicationName;
        }
        set
        {
            _roleProxy.ApplicationName = value;
        }
    }

As I said, this works fine. So the second class is called BlRoleProvider that has identical properties and parameters as the roleprovide but does not implement RoleProvider. I changed the web.config to point to this class like this:

    <roleManager 
    enabled="true" 
    defaultProvider="BlRoleProvider">
  <providers>
    <add 
        name="UcfCstRoleProvider" 
        type="Ucf.Security.Wcf.WebTests.BlRoleProvider, Ucf.Security.Wcf.WebTests" 
        connectionStringName="SqlRoleManagerConnection" 
        applicationName="SMTP" />
  </providers>
</roleManager>

But I get this error. "Provider must implement the class 'System.Web.Security.RoleProvider'."

I hope I have explained well enough to show what I am trying to do. If I can get the roleprovider to work through another class in the same application, I am sure it will work through the WCF service but how do I get past this error?

Or maybe I took a wrong turn and there is a better way to do what I want to do??

A: 

Hey,

No, you have to have a class that must implement RoleProvider. That will not work. If you can't have this class inherit from RoleProvider directly, consider creating a RoleProvider wrapper class that implements RoleProvider's props/methods, but utilizes whatever you need to do with this second class.

This error isn't specific to WCF, but is specific to the role provider framework.

HTH.

Brian
A: 

Looking at your code it appears that you already have your configuration using a custom role provider.

If you want to be able to authentiacate users mking calls through your web service you should implement a custom header that authenticates each request against your configured role provider.

Things work slightly differently in WCF, it's not like you have access to session and application states since each call is considered to be a stateless one, a custom header however will offset that by handling this stuff as the call is made.

Wardy
+1  A: 

I think your best bet is to create a custom role provider and implement each method. In the implementation of each method, call the WCF service to do the data access. Eg:

public class WcfRoleProvider: RoleProvider
{
    public bool IsUserInRole(string username, roleName)
    {
        bool result = false;
        using(WcfRoleService roleService = new WcfRoleService())
        {
            result = roleService.IsUserInRole(username, roleName);
        }

        return result;
     }
}
Sean Amos