views:

187

answers:

2

Is it possible to use the built in ASP.NET membership provider to secure a web service?

I have a SQL Server database already setup with my membership and now I want to provide a web service that only members are allowed to use. Is it possible to authenticate against this (if so how?) or do I need to have a seperate type of authentication for the web services?

A: 

definitely possible. you can use ASP.NET membership provider in conjunction with WCF (i used this for a project last year). and (thats the fun part) its merely just some configuration you have to do. it also works with ASP.NET RoleProvider´s

additional information :

http://msdn.microsoft.com/en-us/library/ms731049.aspx http://nayyeri.net/blog/use-asp-net-membership-and-role-providers-in-windows-communication-foundation/

Joachim Kerschbaumer
A: 

I think that I can do something like this. I didn't have a server to upload and test right now, but will mark this as the answer if it works:

    [WebMethod]
    public string HelloWorld(String username, String password)
    {
        bool isAuthenticated = Membership.ValidateUser(username, password);

        if (isAuthenticated)
            return "Hello World";
        else
            return "You do not have access to this resource.";
    }
Jeremy H