CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 2 of 2

Threaded View

  1. #1
    Join Date
    Feb 2001

    WCF consumed by {JSON + ASP.NET} - Authentication, form or Windows?


    I have a WCF service to be consumed by both:

    Consumer #1
    ASP.NET - ASP.NET app uses form-authentication and impersonate a Windows user account WEBUSER. This is a web user account but by and large it works fine as the intention is to tighten the security. So ...

    web.config of the ASP.NET app:
    <authentication mode="Forms">
    path="/" />
    <identity impersonate="true"
    password="SomeSecret" />
    And in web.config of WCF Service hosted in IIS:

    <authentication mode="Windows"/>
    Works fine.

    Consumer #2 JSON/AJAX all from web page in ASP.NET (Consumer #1)

    Now, I added webpage to ASP.NET app that makes AJAX/JSON calls to the WCF Service. I'm not sure what to do in web.config of my WCF Service . Clients viewing the webpage are not always domain users (and we wouldn't want to tie down to this model anyway).

    FYI, in WCF web.config, I've added:
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
    <endpoint address="JSON" behaviorConfiguration="JSONBehavior"
    binding="webHttpBinding" bindingConfiguration="" name="JSON"
    contract="xxx.SecurityServiceLib.ISecurityService" />
    <behavior name="JSONBehavior">
    <enableWebScript />
    I suppose this would suffice for AJAX post/get to include forms-authentication cookie when invoke WCF right?

    Any suggestion? Thanks!
    Last edited by THY02K; May 20th, 2009 at 03:47 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Windows Mobile Development Center

Click Here to Expand Forum to Full Width

On-Demand Webinars (sponsored)

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.