3

I have been trying to implement an OData service based upon an entity framework model where the authentication is provided by Sql Azure. I provide row/column access within the database.

I want to be able to call this from LinqPad, Excel, etc. as a secure service.

I have tried the various schemes defined in the standard series but even though returning 401, neither Excel or LinqPad recall with the user name and password I've entered.

So, I thought I'd make the user name/password a query parameter (over SSL). But it turns out that's illegal as well (OData requires a well formed URL with no query parameters).

So then I thought, why not use WebGet to embed the user name and password in the URL but I can't get that to work with the OData source format in WCF:

<%@ ServiceHost Language="C#" Factory="System.Data.Services.DataServiceHostFactory, System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Service="WebApplication5.OData" %>

public class OData : DataService< MyEntities >
{
public static void InitializeService(DataServiceConfiguration config)
    {
        config.SetEntitySetAccessRule("*", EntitySetRights.AllRead);
        config.DataServiceBehavior.MaxProtocolVersion = DataServiceProtocolVersion.V2;
    }
protected override MyEntities CreateDataSource()
{
    // create the OData source with the user name and password here
}
}

Has anyone actually got OData to work where the user name and password are passed into the source?

Glorfindel
  • 21,988
  • 13
  • 81
  • 109
jsh_ec
  • 31
  • 1
  • 3

2 Answers2

1

I've not used a username and password per-say but I have authenticated by an API key which is technically the same. See my answer here: WPF and WCF Data Services Authenticate at Query level? - I use HTTP headers to authenticate: Args.OperationContext.RequestHeaders["APIKey"]) but you can change this to Args.OperationContext.QueryString["APIKey"]) (not sure if QueryString is a property of the top of my head) to allow passing in ?APIKey=blah in the URL.

Community
  • 1
  • 1
eth0
  • 4,977
  • 3
  • 34
  • 48
0

I had a similar problem with OData for a Silverlight App with C# in that you had to create a new Uri (Url) and add in the credentials, either here or you can create a login screen to populate them:

ServiceReference1.NAV nav = new ServiceReference1.NAV(new Uri("http:...../OData/Company('company_name')/"));

nav.Credentials = new System.Net.NetworkCredential("user", "password", "domain");

Community
  • 1
  • 1