tags:

views:

55

answers:

1
Q: 

OData - Data Service Simple Authentication

Hello,

I would like to add simple authentication to Data Services, for now only to restrict access for particular applications by simple token.

I don't need Domain Authentication or Forms authentication.

I read a lot about authentication here:

http://franssenden.wordpress.com/2010/06/14/custom-security-odata-service-wcf-data-services/

http://mtaulty.com/CommunityServer/blogs/mike_taultys_blog/archive/2008/06/03/10482.aspx

http://mtaulty.com/CommunityServer/blogs/mike_taultys_blog/archive/2008/01/15/10119.aspx

http://mtaulty.com/CommunityServer/blogs/mike_taultys_blog/archive/2008/01/10/10100.aspx

Unfortunately it all demands a loooot of work. Most of all creating custom IHttpModule. There should be more simple solution.

I know that when I create object context on the client (WPF) I can add Credentials. 

Uri uri = new Uri("http://localhost/myapp/odata.svc");

MyEntities ent= new MyEntities (uri);
ent.Credentials = new NetworkCredential("token", "zx5as9vxc5sa9h0vb6523cv56");

But where can I read them (without implementation of custom IHttpModule)?

I thought that I can use something in class that is implementation of Data Service for example:

protected override void OnStartProcessingRequest(ProcessRequestArgs args)
{
 string cred = args.OperationContext.AbsoluteRequestUri.UserInfo;
}

I'm not familiar with UserInfo but description for it stands "Gets the user name, password, ...)

So I have two main questions:

  1. Where can I read Credentials included by typing ent.Credentials = new NetworkCredential("token", "zx5as9vxc5sa9h0vb6523cv56");

  2. Where can I (if I can) set UserInfo on the client app and use it in OnStartProcessingRequest method.

Regards, Daniel Skowroński

+1  A: 

There's a series of post about authentication and WCF Data Services (which is the .NET implementation of the OData protocol): http://blogs.msdn.com/b/astoriateam/archive/tags/authentication/

You should be able to find lot more information there (including code samples).

Vitek Karas MSFT  2010-08-18 09:51:28
Thanks, I used http://blogs.msdn.com/b/astoriateam/archive/2010/07/21/odata-and-authentication-part-6-custom-basic-authentication.aspx to create authentication functionality. I did it without creating custom custom HttpModule, simply SSL + client evnt ctx.SendingRequest +=new EventHandler<SendingRequestEventArgs>(OnSendingRequest); + server side in OData Service event protected override void OnStartProcessingRequest(ProcessRequestArgs args)
Daniel  2010-08-25 12:38:47

related questions

How do I add another return format to WCF data services?
Is this a bug? : I get " The type ... is not a complex type or an entity type" in my WCF data service using the Reflection provider
How can I change the xml:base published by a WCF Data Service?
How to perform insert and update with Ado.net dataservices (EF and Inheritance)
Can't submit new object to WCF DataService because of Primary Key constraint
Using LinqExtender to make OData feed fails
How i can send an HttpRequest from C++
How do I properly host a WCF Data Service that connects to SQLServer in IIS? Why am I getting errors?
What's the best way to validate EntityFramwork 4.0 classes?
WCF Data Services - neither .Expand or .LoadProperty seems to do what I need
Change DataSource WCF Data Services
DataServiceQuery
When hosting an ADO.NET DataService<T> in a WCF WebServiceHost how does one get access to the credentials supplied in the request?
Self Hosted ADO.NET Data Services, comsuming from an external Silverlight application
Customize ADO.NET Data Service Exception
ADO.NET Data Service Exception Handling
ADO.NET Data Service Entities Exposed to WCF
Why does ADO.NET Data Services use $ as query param identifier?
subsonic 3 alpha + ado.net data services any samples
Not the right <type>?
Intermediate ado.net dataservice in Silverlight
Synchronous ADO.NET dataservices calls in Silverlight
How to mock ADO.Net Dataservice calls from Silverlight
How do I use Read-Only properties defined in partial (Entity Framework) classes over ADO.Net Data Services
How do I call a stored procedure exposed as an Entity Framework Function Import through ADO.NET Data Services (Astoria)?