I am using the following credential binding configuration in order to pass a UserName/Password to all service calls. This is not for authentication on the service - instead I'd like to pass the UserName/Password on further downstream. I am trying to keep calls to the service standard which is why I thought that this would be a good way to pass the UserName/Password.
<netTcpBinding> <binding name="tcpWithMessageSecurity"> <security mode="Message"> <message clientCredentialType="UserName" /> </security> </binding> </netTcpBinding>
I then implement a custom UserNamePasswordValidator that does nothing. I am not sure whether there is a better way to disable validation:
public class CustomUserNameValidator : UserNamePasswordValidator { public override void Validate(string userName, string password) { Console.WriteLine("pwd: " + password); } }
The password is available at this point (which is called when the channel is opened), but I need to get access to the password within each service method. Would I need to persist the password somehow, or is there another way to get hold of the UserName/Password from within a service method?
http://devpinoy.org/blogs/cruizer
cruizer:will you do impersonation?
No, the authentication won't work on impersonation, and the users won't exist as Windows accounts.
Basically I am trying to avoid having username/password parameters on all methods...
I've considered creating a custom Principal and adding the password as a property, but it is difficult to find information on where to intercept the password and create the principal and ensure that it is persisted for multiple service calls.
I am still stuck with this problem, although here is the idea behind what I want to accomplish... This could work (after some refinement) but I am sure that it is not the right way - there would be some serious limitations.
I implement a custom username validator:
<serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Services.Authentication.CustomValidators.CustomUserNameValidator, Services" />
public class CustomUserNameValidator : UserNamePasswordValidator { public static Dictionary<string, string> Passwords; public override void Validate(string userName, string password) { if (!Passwords.ContainsKey(userName)) Passwords.Add(userName, password); } }
I would then be able to retrieve the password for the user in my service methods:
Console.WriteLine(CustomUserNameValidator.Passwords[ServiceSecurityContext.Current.PrimaryIdentity.Name]);
I'm having the same issue. Do you have any working implementation?
Yep the Username is saved.. my problem was passing a password over. That is still going to be a pain if it becomes a requirement but for now Username is good enough.