WindowsApplication and FormsAuthentication?

[Chad Yoshikawa]

I have a WebService that is using FormsAuthentication (setup in the
web.config file) as follows:

<authentication mode="Forms">
<forms name=".ASPXAUTH" loginUrl="https://foo.com/Register/Login.aspx"
protection="All" timeout="30" path="/" />
</authentication>

Accessing the web service via a browser is fine, because the user can
access the login page (which has a username/password form on it).

I want to be able to access the WebService using a WindowsApplication as
well. I'd like to use the same FormsAuthentication if possible. The
question I have, is how to go about doing this? My best guess is: I
would need to POST the username and password to the Login page, get back
the Cookie (a FormsAuthenticationTicket), and then add this cookie to
the WebService.CookiesContainer.

Does this sound right? Any suggestions would be much appreciated.
Thank you,

-Chad

*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!

[Jim Blizzard [MSFT]]

Hi Chad,

Thanks for posting to the newsgroup.

Have you looked at WS-Security, part of the Web Services Enhancements (WSE)
available from Microsoft?
[url]http://www.microsoft.com/downloads/details.aspx?familyid=21fb9b9a-c5f6-4c95-87b7-fc7ab49b3edd&displaylang=en[/url]

It's not forms authentication, but it's a much more direct route to security
for Web services.

Hope this helps,
bliz

--
Jim Blizzard, MCSD .NET
Community Developer Evangelist | [url]http://www.microsoft.com/communities[/url]
Microsoft

Your Potential. Our Passion.

This posting is provided as is, without warranty, and confers no rights.

"Chad Yoshikawa" <chadyoshikawa@yahoo.com> wrote in message
news:Oe7by1XrDHA.4004@TK2MSFTNGP11.phx.gbl...

>
>
> I have a WebService that is using FormsAuthentication (setup in the
> web.config file) as follows:
>
> <authentication mode="Forms">
> <forms name=".ASPXAUTH" loginUrl="https://foo.com/Register/Login.aspx"
> protection="All" timeout="30" path="/" />
> </authentication>
>
> Accessing the web service via a browser is fine, because the user can
> access the login page (which has a username/password form on it).
>
> I want to be able to access the WebService using a WindowsApplication as
> well. I'd like to use the same FormsAuthentication if possible. The
> question I have, is how to go about doing this? My best guess is: I
> would need to POST the username and password to the Login page, get back
> the Cookie (a FormsAuthenticationTicket), and then add this cookie to
> the WebService.CookiesContainer.
>
> Does this sound right? Any suggestions would be much appreciated.
> Thank you,
>
> -Chad
>
> *** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
> Don't just participate in USENET...get rewarded for it!

[Chad Yoshikawa]

Thanks for the help - I'll check out the WSE 2.0

-Chad

*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!