WindowsApplication and FormsAuthentication?

[Chad Yoshikawa]

I have a WebService that is using FormsAuthentication (setup in the
web.config file) as follows:

<authentication mode="Forms">
<forms name=".ASPXAUTH" loginUrl="https://foo.com/Register/Login.aspx"
protection="All" timeout="30" path="/" />
</authentication>

Accessing the web service via a browser is fine, because the user can
access the login page (which has a username/password form on it).

I want to be able to access the WebService using a WindowsApplication as
well. I'd like to use the same FormsAuthentication if possible. The
question I have, is how to go about doing this? My best guess is: I
would need to POST the username and password to the Login page, get back
the Cookie (a FormsAuthenticationTicket), and then add this cookie to
the WebService.CookiesContainer.

Does this sound right? Any suggestions would be much appreciated.
Thank you,

-Chad

 

[Jim Blizzard [MSFT]]

Hi Chad,

Thanks for posting to the newsgroup.

Have you looked at WS-Security, part of the Web Services Enhancements (WSE)
available from Microsoft?
http://www.microsoft.com/downloads/...9a-c5f6-4c95-87b7-fc7ab49b3edd&displaylang=en

It's not forms authentication, but it's a much more direct route to security
for Web services.

Hope this helps,
bliz

--
Jim Blizzard, MCSD .NET
Community Developer Evangelist | http://www.microsoft.com/communities
Microsoft

Your Potential. Our Passion.

This posting is provided as is, without warranty, and confers no rights.

 

[Chad Yoshikawa]

Thanks for the help - I'll check out the WSE 2.0

-Chad