Is it possible to use the built in ASP.NET membership provider to secure a web service?
I have a SQL Server database already setup with my membership and now I want to provide a web service that only members are allowed to use. Is it possible to authenticate against this (if so how?) or do I need to have a seperate type of authentication for the web services?
definitely possible. you can use ASP.NET membership provider in conjunction with WCF (i used this for a project last year). and (thats the fun part) its merely just some configuration you have to do. it also works with ASP.NET RoleProvider´s
additional information :
http://msdn.microsoft.com/en-us/library/ms731049.aspx http://nayyeri.net/blog/use-asp-net-membership-and-role-providers-in-windows-communication-foundation/
I think that I can do something like this. I didn't have a server to upload and test right now, but will mark this as the answer if it works:
[WebMethod]
public string HelloWorld(String username, String password)
{
bool isAuthenticated = Membership.ValidateUser(username, password);
if (isAuthenticated)
return "Hello World";
else
return "You do not have access to this resource.";
}