Hi created my service using http://ntieref.codeplex.com/ n-tier entity framework.
The service the generator created uses wcf and wsHttpBinding. It uses windows authentication and the program created works fine when the user is logged in the Domain (as it should).
My problem is when I am trying to connect from "outside". I could not find a way to pass
something like this:
client.ClientCredentials.UserName.UserName = "SomeUserName";
client.ClientCredentials.UserName.Password = "WrongPassword";
thats why my call fails with the user not validated.
My question is specific to n-tier entity framework (http://ntieref.codeplex.com/) with the default generated. That's why I am not posting configs. If some one has experience on this framework please help.
I would like to also expose some functions of my own written on the server to the clients (beyond the entity generated functionality) (e.g. a login function that will return some custom class after validation) without breaking the existing functionality.
Where should I write my code ?
WCF Endpoint Configuration
The n-tier entity framework generates plain vanilla WCF services which can be exposed through any WCF endpoints. All you need to do is setting-up corresponding endpoint configurations in your config.
Custom Service Methods
Both, service contracts and implementation are generated as partial interfaces and classes. This allows to add additional custom services methods as required.
Related
At my workplace, we have many existing applications for which common WCF services have been written to expose user and role management functionality at the enterprise level. So, for example, to create a new user, our applications just call the Create method exposed by our UserService.
We are trying to build a new MVC5 web application which needs identity management features. I have found several examples of custom implementation of the ASP.NET identity framework which typically override the IUser, IUserManager, etc. I also found an implementation for MySQL database instead of SQL server. However, I am unable to figure out if it is possible to completely discard away the database part of the framework and hand over the persistence calls to our services but still use methods and facade provided by the framework for cookie management, Owin integration etc. Or enterprise schema, of course, does not match the default Identity framework database schema.
I looked at the Identity Sample from Microsoft that implements a user manager:
var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>()));
This custom user manager ApplicationUserManager needs a UserStore<ApplicationUser>, which needs a ApplicationDbContext. Is it possible to pass some service instance instead to the custom UserStore instead of a DbContext. Can the UserStore even work without a dependency on some database DbContext?
We are planning to use EXTJS framework for presentation layer which would be calling WCF based Rest Service or WebAPI Service(Http services) . My requirement is to have 3 tier architecture (physical separation) so my understanding is that we need to put Service layer on another server and host services on IIS there to be consumed by presentation layer hosted on different IIS server.
I am getting few doubts regarding this architecture.
Should we use Webform approach to host EXTS libraries as in this case ASP.Net MVC would be irrelevant considering that all the rendering logic is done by EXTJS.
If we host services on another server which service authentication should be used .In this case I think we can’t use Form Authentication as the web and service are hosted separately.
Is it really required to host Service layer on another server to make it three tier ,considering the third tier is the Database server. Isn’t browser a tier considering EXTJS library directly renders on the browser.
Since no body answered i will try to answer myself based on my research and response i got from another forum.
We can use MVC approach as well, the Controller method can be used to return JSON result for the EXTJS API to consume. But the downside is with this approach we cannot use strongly typed model in views along with other features like use of Html helper and automatic validation based on the models.
With this approach we can still use MVC routing or can go entirely with a Single View and ExtJs Routing.
Place the services your Ext.js needs on the web tier, where your Webforms/MVC application also runs. Separate your business logic/data logic via other services on another server if needed (second tier). Don't call these directly from your Ext.js. Keep presentation in the first/Web tier.We can use Form Authentication to call service in web-tier and Windows authentication to call the service from Webtier to second tier.
From the server side perspective a browser's not really considered a tier.However with modern approaches it's debatable.
I have a large enterprise application with specific domain logic and validation with external domain services. Validation layer already implemented in the base system.
My api uses data transfer objects for client-server messaging, but validation in ASP.NET Web Api suggests use Data Annotations attributes or IValidatableObject interface in model classes (or DTO).
How I can integrate my legacy validation system with ASP.NET Web Api validation?
Thanks.
It sounds like your validation layer, being logic that you have around your domain level objects, doesn't necessarily need to be "integrated" with your web api in the interest of keeping these separate.
For the api validation, you're either going to add another level of validation in your api using the Data Annotations/ModelState solution (or manual validation checks in your controllers) or handle the exceptions that bubble up from your domain validation in your service layer, where you can format and respond appropriately to the consumer.
Is there a way I can use the session created by ASP.NET to authenticate my silverlight app? All I would need is the userID. Then I can call to my WCF RIA service to get roles, etc. If there is a better way to do this, please tell.
But I want to be able to login using html in asp.net. I'm using forms authentication.
Since the user authentication context resides on the server and the SL resides on browser, you need to create a service layer in WCF to get these details. The WCF service needs to run in aspNetCompatibilityEnabled mode. Check details here. Once you create such WCF service, you can expose methods on it such as GetLoggedInUser(), GetUserRoles() etc. I believe WCF RIA service make this work easier for you, so you can concentrate on main application logic.
If the user id is all you need you can pass it as a custom initialization parameter to the Silverlight plugin. More info on MSDN:
http://msdn.microsoft.com/en-us/library/cc189004%28v=vs.95%29.aspx
Should I access the asp.net membership class from the controller and pass the results to the service layer, or access it directly from the service layer?
I'm torn because on one hand this seems like business logic that should be handled in the service layer, but I don't want to tie the service layer to the web namespace as this might become an windows app down the road.
the answer, use IoC to create a membership interface that the service layer uses. the website's implementation can use the web namespace. And the windows app can have a different implementation. and since you can inject that dependency, your service layer doesn't have to change :-)
ASP.NET Membership is Web-specific, so that should be accessed in the Controller. MHO is that the service layer should not be hard-wired to the web. So for adding/removing users, do that via the Controller.
OTOH, in the service layer, you can read Thread.CurrentPrincipal.Identity, which is non-web-specific, but happens to be entirely compatible with ASP.NET Membership. So if you only need to get the current user you can do that without voilating separation of concerns.
Is it really a problem to use System.Web? It's no different than tying it to System.Configuration, or System.IO. Any application can make use of it, whether it's "offline" or not.
I routinely tie my web apps to assemblies that are more classically though of as "winforms" assemblies, to get access to useful collection objects and such.