I'm working on a solution where I have a WPF project that is using a WCF DataService which is located in another ASP .NET project to access the data.
I need to provide a level of security which ensures that only authenticated users can access the service. Having surfed the net I've broken my head trying to accomplish that. What is the proper way to implement that?
WCF dataservice security in a WPF application
278 Views Asked by OneMoreVladimir At
1
There are 1 best solutions below
Related Questions in WPF
- Best way to make an HABTM association via console
- undefined method `namespace' for main:Object (NoMethodError) - active record / rakefile
- Ruby destroy is not working? Or objects still present?
- Trying to set the value of an input with mechanize
- How to split the logic in a ruby game
- How can I monitor an endpoint's status with Ruby?
- Why can a private class method be explicitly invoked in Ruby?
- Rails - Ajax do not work properly on production server
- syntax error, unexpected kEND
- Carrierwave file upload with different file types
Related Questions in WCF
- Best way to make an HABTM association via console
- undefined method `namespace' for main:Object (NoMethodError) - active record / rakefile
- Ruby destroy is not working? Or objects still present?
- Trying to set the value of an input with mechanize
- How to split the logic in a ruby game
- How can I monitor an endpoint's status with Ruby?
- Why can a private class method be explicitly invoked in Ruby?
- Rails - Ajax do not work properly on production server
- syntax error, unexpected kEND
- Carrierwave file upload with different file types
Related Questions in AUTHENTICATION
- Best way to make an HABTM association via console
- undefined method `namespace' for main:Object (NoMethodError) - active record / rakefile
- Ruby destroy is not working? Or objects still present?
- Trying to set the value of an input with mechanize
- How to split the logic in a ruby game
- How can I monitor an endpoint's status with Ruby?
- Why can a private class method be explicitly invoked in Ruby?
- Rails - Ajax do not work properly on production server
- syntax error, unexpected kEND
- Carrierwave file upload with different file types
Related Questions in DATASERVICE
- Best way to make an HABTM association via console
- undefined method `namespace' for main:Object (NoMethodError) - active record / rakefile
- Ruby destroy is not working? Or objects still present?
- Trying to set the value of an input with mechanize
- How to split the logic in a ruby game
- How can I monitor an endpoint's status with Ruby?
- Why can a private class method be explicitly invoked in Ruby?
- Rails - Ajax do not work properly on production server
- syntax error, unexpected kEND
- Carrierwave file upload with different file types
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I did this in the past where the WCF's
Loginmethod would create a user object, assign the user object a Token (in my case, it was a GUID), and store it internally on the WCF server in anAuthenticatedUserslist.Any other WCF call required the token as a parameter. It would check if a user existed in the
AuthenticatedUserslist with that token, and would return an error if the no User with that token existed. An added benefit is I would always know who made the WCF call without needing them to pass in a User Id.I also stored a
LastActivityDateTime with the User objects on the server. Each WCF call would refresh this value, and providing theAuthenticatedUserslist on the WCF server had at least one value, a Timer ran on the server which would check the AuthenticatedUsersLastActivityvalue and delete the user if they had been inactive for over 20 minutes.