These few days, I am trying to implement something based on my own interest. And I would like to host my business logic on my server. So Obviously WCF is a good choice. but I was thinking how can I make sure that my service can be only accessed by legitimate users instead of everyone, then I thought of Form Authentication, and it turns out Microsoft already provide a solution for this.
http://msdn.microsoft.com/en-us/library/bb386582.aspx
Given the fact that there are already pretty much articles about this topic on internet, I just want to write what I had been through.
- When you invoke the authentication service, if you get an error message say that the service is disabled. Make sure that the following few lines exist in your web.config file, and enabled has been set to true.
- Why IsLoggedIn function always return false, even right after login.
<system.web.extensions>
<scripting>
<webServices>
<authenticationService enabled="true"
requireSSL = "false"/>
</webServices>
</scripting>
</system.web.extensions>
Check your local config file, to make sure that allowCookies option had been turned on.
3. For all the service that protected by form authentication, when you call those services, make sure you had passed in the form cookie. otherwise , you will be kicked out.
No comments:
Post a Comment