Re: forms auth, authenticate against already encrypted password?
- From: "Tim Mackey" <tim.mackey@xxxxxxxxxxxxxxxx>
- Date: Thu, 4 Jan 2007 11:44:52 -0000
hi Steven,
thanks for the tip. i actually tried using a WebClient implementation first, sending a POST request to login.aspx which handled Request.Form["Username"] etc in the Page_Load event. and this part of the code worked fine, the values were passed in ok and the FormsAuthentication code executed properly. i got stuck though when trying to use the web service after executing the POST because there don't appaer to be any cookies with the WebClient class. i have tried it again using the HttpWebRequest class and now i can share the CookieContainers, it works beautifully. just for future reference, here is what i have:
Login.aspx.cs
public partial class Log_in : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if(Request["Username"] != null)
{
// web service trying to authenticate itself via HTTP request
if(FormsAuthentication.Authenticate(Request["Username"], Request["Password"]))
FormsAuthentication.SetAuthCookie(Request["Username"], false);
}
}
}
Winforms client:
private bool AuthenticateWebService()
{
// send a HTTP web request to the login.aspx page, using the querystring to pass in username and password
string postData = String.Format("?Username={0}&Password={1}", this.txtUsername.Text, this.txtPassword.Text);
string url = this.fileTransferUpload1.WebService.Url.Replace("MTOM.asmx", "") + "Login.aspx" + postData;
HttpWebRequest req = HttpWebRequest.Create(url) as HttpWebRequest;
req.CookieContainer = new CookieContainer();
HttpWebResponse response = (HttpWebResponse) req.GetResponse();
// copy the cookie container to the web services
this.WebService1.CookieContainer = req.CookieContainer;
this.WebService2.CookieContainer = req.CookieContainer;
return (response.Cookies.Count > 0); // true if there is a cookie, i.e. authenticated successfully
}
thanks again for the suggestion
tim
"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message news:eOnPyl6LHHA.3604@xxxxxxxxxxxxxxxxxxxxxxxxx
Thanks for Dominick's informative suggestion.
Hi Tim,
I agree with Dominick. Although I haven't ever used forms authentication in
ASP.NET webservice, I think it is the same as you use httpwebrequest to
programamtically send request to forms authentication protected webpage.
And in webservice scenario, the client proxy just use the httpwebrequest
component and to make two proxies(accessing difference webservice endpoints
in the same ASP.NET application), you can consider share a cookie container
between them so that you only need to authentication against the server
once at the begining.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.
.
- Follow-Ups:
- Re: forms auth, authenticate against already encrypted password?
- From: Dominick Baier
- Re: forms auth, authenticate against already encrypted password?
- References:
- Re: forms auth, authenticate against already encrypted password?
- From: Tim Mackey
- Re: forms auth, authenticate against already encrypted password?
- From: Dominick Baier
- Re: forms auth, authenticate against already encrypted password?
- From: Steven Cheng[MSFT]
- Re: forms auth, authenticate against already encrypted password?
- Prev by Date: Re: How to capture network login using ASP.NET
- Next by Date: Re: forms auth, authenticate against already encrypted password?
- Previous by thread: Re: forms auth, authenticate against already encrypted password?
- Next by thread: Re: forms auth, authenticate against already encrypted password?
- Index(es):
Relevant Pages
|
