Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C# ASP.NET WCF
My application is created using ASP.net and the authentication is using Windows authentication.Its confusing me,
here they have used WCF for checking user name.Am very new to this WCF.
So i just want to know how they are checking the user name and password from WCF application via windows authentication?
Which one is usual method??
I want to analyze the code and make the report so please help me.
Posted 4-Dec-12 3:02am
Edited 4-Dec-12 3:54am
v2
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

I know 2 ways a web application can do Windows Authentication :
 
First one : with IIS, if the page is stored in a directory with restricted access (using NTFS access rights for example), the client will be prompted to enter login and password.
The server will receive those (encrypted or not, depending of the IIS configuration) and the ASP.NET object will be called using those credentials (if access granted).
 
Second one : no server right management, every thing done in the application. In this case, the application may call the Windows function to login to an other account (like in impersonation)
[DllImport("AdvApi32.dll")]
extern static bool LogonUser(string username, string password, string domain, UInt32 LogonType, UInt32 LogonProvider, ref IntPtr hToken); 
Then you can use the System.Security.Principal.WindowsIdentity to manage the account in C# and do the impersonate if necessary.
  Permalink  
Comments
Kavitha le at 5-Dec-12 2:03am
   
Here they have used WCF.Do you have any idea about how they are checking username and password in wcf?
Pascal-78 at 5-Dec-12 3:27am
   
WCF is only a set of API in the .NET Framework. It will internally use those kinds of functions.
You can also read this article from Microsoft : http://msdn.microsoft.com/en-us/library/ff647503.aspx (Chapter 5: Authentication, Authorization, and Identities in WCF)
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

You can use PrincipalContext class to validate user credentials. Get domain, userid and password using a login window and validate as follows.
 
//Add this reference
using System.DirectoryServices.AccountManagement;
 
//Use this code for authentication
PrincipalContext pc = new PrincipalContext(ContextType.Domain, txtDomain.Text);
bool bResult = pc.ValidateCredentials(txtUserId.Text, txtPassword.Text);
  Permalink  
Comments
Kavitha le at 5-Dec-12 2:03am
   
Here they have used WCF.Do you have any idea about how they are checking username and password in wcf?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web02 | 2.8.141022.2 | Last Updated 4 Dec 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100