Introduction: Today I am going to write about the WCF and ASP.NET Membership Provider & Roles Provider.
How we can use Membership Provider in the WCF
How will we pass Client Credentials from the client. The WCF Client may be a Console Application, Windows Application or Web Application.
I have gone through many related articles and blogs which I am going to write about. There was not enough information about both the Membership Provider and the Roles Provider.
Purpose: To build a solution where a WCF service will manage Authentication and Roles Management.
Codes: Ok. I am going to start coding for a WCF Service with Membership and Roles.
Step 1: First of all we will create a new project. The project type should be WCFServiceLibrary. We will not change anything in the Service Interface.
We'll only add the "Principal Permission" attribute above the method. The method will execute only if the user has an admin right because we have specified in the Principal Permission Attribute.
[PrincipalPermission(SecurityAction.Demand, Role = "admin")]
public string GetData(int value)
{
//if (HttpContext.Current.Session["Result"] != null)
// return string.Format("You entered: {0}", value);
return string.Format("You entered: {0}", value);
}
Step 2: Now we will add ConnectionString, Membership Provider and Roles Provider in app.config file.
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source={ServerName};Initial Catalog={DatabaseName};Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true"/>
<authentication mode="Forms"/>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<clear />
<add name="DefaultMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider">
<providers>
<clear />
<add connectionStringName="DefaultConnection" applicationName="/" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" />
</providers>
</roleManager>
</system.web>
Step 3: We will test WCF test application with default endpoint.
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpointBinding">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="WCFServiceWithMemberShip.Service1" behaviorConfiguration="ServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:8733/Design_Time_Addresses/WCFServiceWithMemberShip/Service1/" />
</baseAddresses>
</host>
<endpoint address="" bindingConfiguration="wsHttpEndpointBinding" binding="wsHttpBinding"
contract="WCFServiceWithMemberShip.IService1">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
In the above endpoint we are using wsHttpBinding because the security is Message type. It won't work with basichttpBinding.
Step 4: Now we will see below the most important thing. You can see the highlighted text below; we have configured the RolesPorvider and Membership Provider for the service.
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="AspNetSqlRoleProvider">
</serviceAuthorization>
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<clientCertificate >
<authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"/>
<certificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
</clientCertificate>
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="DefaultMembershipProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</configuration>
Step 5: Now we will consume the WCF service in the ConsoleApplication. We just use a service reference in the Client application.
Client config file will look like this.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService1">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8733/Design_Time_Addresses/WCFServiceWithMemberShip/Service1/"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1"
contract="ServiceReference1.IService1" name="WSHttpBinding_IService1">
<identity>
<certificate encodedValue="AwAAAAEAAAAUAAAAjFYTFAWcfK16VR04unfMDAglktIgAAAAAQAAANUBAAAwggHRMIIBOqADAgECAhB
Xl/pS1MZAiE9XIoZU96WeMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xMjA0MTIxMjU5NDRaFw0yMjA0MTIwMDAwMDBa
MBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqHHfPvuMcvaSxEijFMYbTOzqezdntfUzjpj1p5hJwF+q6UOnm
URO5Inh90VGS1JnYYMarb21UOYtQr2L1WulzrTHY402WPDnepsi6FRpufMV7FDSb+MDtt/8k0dtF4y9xBH6OUuW3KP/2uE18Fw8xaLMkd/wUjr+s84iEtlRsQk
CAwEAAaMkMCIwCwYDVR0PBAQDAgSwMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4GBAE+6Ed40e+oY5Q
2dVt3BgSiSGMlXYJ4Yvmu+h8KnbTa9jFhbgi76gj8or4QFK0heCBZCzm/k9xdXKkCYt/WEC/CAL9tPEXJb7vS+yjObBeukA9STw888K65zUup5HgvJdad1Zg5z9
IXuCf81VnHYI3S5K+rdOlGs+d3wlhh3Em8Q" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
Step 6: Now we will call the service in the client application:
static void Main(string[] args)
{
using (ServiceReference1.Service1Client client = new ServiceReference1.Service1Client())
{
client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
client.ClientCredentials.UserName.UserName = "{username}";
client.ClientCredentials.UserName.Password = "{Password}";
Console.WriteLine(client.GetData(1));
Console.ReadKey();
}
}
I hope now you can use membership and roles in WCF. If anyone has any questions, please feel free to make your comments.