If Your Users are in a Custom Store, Consider Using Username Authentication with a Custom Validator

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

If you need to use a custom authentication store, consider using username authentication with a custom username and password validator. Configure the custom validator in a service behavior and implement it in a class library. The username and password validator is used by your service to authenticate your users’ based on your custom user store.

The following configuration snippet shows how to configure a custom validator for your WCF service:
<serviceCredentials>
   <userNameAuthentication  
    userNamePasswordValidationMode="Custom"
   customUserNamePasswordValidatorType="MyUserNamePasswordValidator,Host"/>
</serviceCredentials>

The following code snippet shows how to implement a custom username and password validator:
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Text;

namespace DerivativesCalculator
{
    public class MyUserNamePasswordValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            Console.Write("\nValidating username, {0}, and password, {1} ... ", userName, password);
            if ((string.Compare(userName, "don", true) != 0) || (string.Compare(password, "hall", false) != 0))
            {
                throw new SecurityTokenException("Unknown user.");
            }
            Console.Write("Done: Credentials accepted. \n");
        }
    }
}

Last edited Jun 12, 2008 at 8:44 PM by prashantbansode, version 1

Comments

No comments yet.