Hey
I'm writing an admin panel in ASP.NET for an existing set of web service calls. My goal is to use some of the existing login stuff (locking out pages if your not logged in) etc but using my login mechanism. This works by hitting an http post request with a username and password, if you're good you get a session id back, if not you get a 401. Here is the WCF for that:
[WebInvoke(UriTemplate = "/Login/", Method = "POST")]
public String Login(User user)
{
// If we are good return sessiond id
// Otherwise throw 401 etc
So to get this working in ASP.Net what is needed?
I think this:
- Implement a user that overrides MembershipUser and has a session id in it.
- Implement a membership provider that overrides MembershipProvider and does all the WCF calls etc.
- In the Web.Config set up a custom membership provider.
Is this correct or am I missing something major?