MY applictaion = Asp.net 4.0 + EF + WCF services + Database MYSQL all are different project(n tier architecture)
I am using sessionState mode="Custom"(storing session info in the DB) in my WEB project
My problem==> I know the session ID but how to get other session value in the other project like WCF Project
The ASP.NET Session cannot be shared between different applications that are hosted in different application pools in IIS. There are hacks that could allow you to do it but it is not recommended. The WCF service shouldn't depend on any session or it will be less reusable. The ASP.NET application which is consuming this service could pass all the necessary information when invoking a method.
Related
I am working on application whose details are as follows:
Its 3 tier architecture. Web Tier (ASP.Net MVC) -- Service Tier (ASP.Net WebApi 2) -- Database Tier(MS SQL 2014).
Application will also have native mobile apps as clients which will consume Service tier.
Service Tier (Web API) uses individual username/password in conjunction with OAuth for authentication and authorization.
User details are stored using ASP. Net Identity system. ASP. Net Identity database tables are in same database as that of application database.
There will be no direct calls from clients i.e. web or mobile apps to database and every request has to go via service layer.
Users of web client and mobile apps will be authenticated against asp.net identity database which is part of application database.
I have partially implemented above architecture however facing one challenge i.e. once user is authenticated, OAuth token will be issued from service layer which will be valid for one day. But how and where should I securely store this token in Web Client (ASP.Net MVC app) so that user needs to login only once in day and not for every single request that it makes.
One option I can think of is once user is authenticated and token is received in web client then store it in in-memory session storage and use it for further requests. However down side of this is, it will reduce scalability of application and will require sticky sessions in load balanced environment.
Is there any better way I can handle this situation? Also want to validate above architecture if its correct architecture?
I have a WCF service which is repsonsible for authenticating users . Unlike WCF Authentication Services , I want all authentication (including the ones from a asp.net web application) to happen at the WCF service layer .
Now, my query , should I be defining membership providers for authentication at the web application tier.Say , for eg, I define a custom WCF memebership provider that calls the WCF service to carry out authentication.
or If the application uses forms authentication for authenticating users against a active directory , I would use a Active directory membership provider at the Web Tier.
As per my logic , since I want the WCF service to be repsonsible for authenticating users from different applications , I would define the membership providers at the service layer .
However , there are difference in opinion as to which layer is responsible for implementing the membership provider .
Thansk & Regards
Girija
You can't (and should not) perform, let's say, Windows authentication for asp.net application in WCF. Nor should you make your service responsible for determining which authentication uses asp.net.
In short, you should define your authentication mechanism at application level (although you can implement it at any level you want).
And by the way I would recommend you using already established federation protocols (i.e., WIF) for handling authenticaion between several applications.
We are developing an ASP.NET web application, this application will generate pages base on meta data (automatic page and controls generation), after this generation a javascript framework will load data for every control found on the generated page by invoking the WCF Rest service
my first question is : is it possible to share session data between the ASP.NET web application and WCF Rest service and how to do that? for the first uses we will deploy the ASP.NET web application and its service on the same machin to reduce complexity
my second question is : wich cache-framework you recommend to cache data on the WCF Rest services? we will not cache the output responses of the wcf service instead we will cache the modified user data on the service to simulate a user session
I would appreciate any help on how to deal with this problem
Thanks in advance
Regards
A good article on asp.net sessions from wcf
I don't have any problems with System.Web.HttpRuntime.Cache in WCF (I am only hosting the WCF in IIS - for sure). MemCache is very popular otherwise.
We have WCF based SOA architecture and ASP.NET web application consume the services hosted. Within each method that needs service call, we create a proxy instance and close when the results are returned. The binding is basicHttpBinding. By default InstanceContextMode is per session, do we need to change this to Percall as we do not require any state full calls in the application. Does this improve any performance?
If I have an application (on C#) that runs under a user context (ex. DOMAIN\StandardUser) which makes a call to a Web Service, which has the web service worker process running under a different context (ex. DOMAIN\WebServiceUser), and that web service connects to a SQL database, which user context does the database connect from, the StandardUser or the WebServiceUser?
Thanks,
use integrated security, so your user context will also use for web service.