1

I want to port an existing ASP.NET Web Service to WCF so the resulting Web Service (1) is RESTful, (2) uses JSON as its request/response format, (3) has a custom authentication mechanism.

After a lot of googling, random coding, and wanting to hit my head against the wall, I found that...

  1. A webHttpBinding has to be used to make the Web Service RESTful. But...

    1. webHttpBinding does not support HTTPS hosts.

    2. webHttpBinding does not support UserName authentication.

    3. webHttpBinding does not even support message security.

  2. An endpoint behavior with <enableWebScript/> has to be used to support ASP.NET AJAX. But...

    1. What is "ASP.NET" AJAX?

    2. What if I want to consume the Web Service using "regular" AJAX?

And, most importantly...

  1. Can WCF do what I want to do in first place?

  2. If not, what other platforms could I use?

isekaijin
  • 19,076
  • 18
  • 85
  • 153

2 Answers2

2

I've written WCF service that does both SOAP and REST with XML and JSON, and custom auth. I've pushed the custom authentication into HTTP module, which does basic auth over https. See Custom HTTP Basic Authentication for ASP.NET Web Services on .NET 3.5/VS 2008 and WCF POX, JSON and SOAP Coexist.

Community
  • 1
  • 1
Eugene Yokota
  • 94,654
  • 45
  • 215
  • 319
  • How do I write an HTTP module? I am a very newbie Web developer. – isekaijin May 13 '11 at 20:52
  • 1
    @Eduardo León when I Google "http module", the first page it comes up is the example code. Being a newbie can't be used as an excuse if the info is available readily. also did you follow the links I provided? – Eugene Yokota May 13 '11 at 21:29
1

In the setup you describe, the web servier (i.e. IIS) will be responsible for encryption (HTTPS) and authentication (e.g. basic authentiction). IIS can be extended with a custom authentication mechanism (just google for "IIS module handler").

It's a bit strange that it has to be delegated to IIS and is not part of WCF. But it's no problem at all.

Codo
  • 75,595
  • 17
  • 168
  • 206
  • "The web server will be responsible for encryption..." How? I tried using an HTTPS host with `webHttpBinding`, and I got an error. – isekaijin May 13 '11 at 20:15
  • Sorry, I could have made it much clearer: in this setup, you have to configure it in IIS (with the IIS manager / inetmgr.exe) and not in the WCF section of web.config (or whatever WCF configuration you use). – Codo May 13 '11 at 22:15
  • Is there any way I could make IIS use my custom `UserNamePasswordValidator`? – isekaijin May 13 '11 at 22:22
  • Assuming that your custom _UserNamePasswordValidator_ is used for authentication, I recommend you look at http://custombasicauth.codeplex.com/ for how to implement custom authentication and make it work with WCF. You can find more examples online. – Codo May 14 '11 at 07:58
  • I downloaded it, but how do I install it? There is no documentation whatsoever. – isekaijin May 14 '11 at 08:39