I followed the example in the article http://www.asp.net/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server
this works great for WEB API, how would I secure a WCF service the same way? I would like to have it communicate to the authorization server coded with OWIN and WEB API, is there a WCF binding that will communicate with it? or any other way to do this?
Related
I have experience in developing Restful web service using WCF. For the next project, I am considering Web API because that is the latest technology.
During my search, I found that an important reason for Web API recommendation is that it is Restful and can be accessed by HTTP protocol.
But we can also use WCF to create a restful web service that can be consumed even by mobile devices. I understand that to create a restful service using WCF, there is extra configuration involved, but besides that are there any other reasons for preferring Web API over WCF?
In other words, does Web API provide an exact subset of WCF functionality, or is there something you can do with Web API that you cannot do with a WCF service exposed as restful?
Need an advise on following.
What is the best option to host Signalr, could it be hosted as a WCF service?
This SignalR will be consumed by clients like web application (MVC4) and ios applications.
Thanks,
The answer is No as far as I know. You cannot host SignalR hubs as a WCF service. As alternative to hosting in a ASP.NET website, you can choose self hosting approach as explained here.
On the other hand, SignalR has client APIs for both ASP.NET and iOS/OSX. The easiest solution (and my recommendation) would be direct hub usage via the client API.
If you insist on to open a WCF endpoint to manage SignalR hubs, you can reach SignalR IHubContext from WCF by using GlobalHost.ConnectionManager.GetHubContext<YourHub>().
Only requirement here is that your WCF service must be hosted on the same web application with your SignalR hub. External WCF services from different service applications cannot reach your hubcontext.
I already have a WCF service that communicates through SOAP messages now I have a requirement to modify this service such that it can be consumed from JavaScript. The client asked me to look into WCF Web Api. I don't understand what are advantages I'm going to get using WCF Web Api than WCF RESTful services. Is WCF RESTful services is enough for this job?
WCF Web API is evolution of current WCF REST services = it will be the next version of WCF REST but at this time it is still preview.
I want to port an existing ASP.NET Web Service to WCF so the resulting Web Service (1) is RESTful, (2) uses JSON as its request/response format, (3) has a custom authentication mechanism.
After a lot of googling, random coding, and wanting to hit my head against the wall, I found that...
A webHttpBinding has to be used to make the Web Service RESTful. But...
webHttpBinding does not support HTTPS hosts.
webHttpBinding does not support UserName authentication.
webHttpBinding does not even support message security.
An endpoint behavior with <enableWebScript/> has to be used to support ASP.NET AJAX. But...
What is "ASP.NET" AJAX?
What if I want to consume the Web Service using "regular" AJAX?
And, most importantly...
Can WCF do what I want to do in first place?
If not, what other platforms could I use?
I've written WCF service that does both SOAP and REST with XML and JSON, and custom auth. I've pushed the custom authentication into HTTP module, which does basic auth over https. See Custom HTTP Basic Authentication for ASP.NET Web Services on .NET 3.5/VS 2008 and WCF POX, JSON and SOAP Coexist.
In the setup you describe, the web servier (i.e. IIS) will be responsible for encryption (HTTPS) and authentication (e.g. basic authentiction). IIS can be extended with a custom authentication mechanism (just google for "IIS module handler").
It's a bit strange that it has to be delegated to IIS and is not part of WCF. But it's no problem at all.
I am working on a asp.net mvc application and a WCF service which will be accessed by the mvc app. I am using WIF based STS website to do authentication and authorization on mvc app. Now I want to achieve the same thing on each method of web service.
I am thinking whether I can pass the claims info I have in MVC App to the WCF to do authentication and authorization. I dont want WCF to contact STS again for authentication. I cannot use windows authentication. I also want to make use of ClaimsAuthorizationManager to achieve this.
If anybody has some about it please share. It will be a big help for me.
Joe
If your WCF Service is not REST, then maybe you can find the answer here Identity Delegation with AD FS 2.0 Step-by-Step Guide
If your WCF Service is RESTful, check-out the example 8-ActiveRestClientFederation (download from Identity Guidance); Dominick Baier's guide Token-based Authentication for WCF REST Service and from Stefan's blog Secure your REST-based WCF service with WIF.
Hope this helps.