11

Possible Duplicate:
Cross platform authentication using ASP.NET Web API

I want to create an asp.net web api with the new visual studio 11 beta. This web api will need to be accessed by different websites, desktop apps, and mobile apps. What is the best way to perform authentication/authorization for my web api. I need to make sure that all the apps calling the api are authenticated. Is there an easy way to do this with the new web api?

Community
  • 1
  • 1
MattMerrill
  • 111
  • 1
  • 1
  • 6

1 Answers1

14

I've done it by using a message handler to check for the auth header in the request and set up the identity so the [Authorize] attribute can do it's thing.

I've written a blog post on the subject..

Antony Scott
  • 21,690
  • 12
  • 62
  • 94
  • Thanks Antony! The solution you provided in your blog post looks like it might work for what I'm doing. Could you provide a little more code to actually show how your web api is using your BasicAuthenticationMessageHandler class in an example? That would be a big help since I am new to the whole web api model and how it a website would use it. Thanks. – MattMerrill Mar 27 '12 at 16:23
  • 1
    I've updated my blog post with details on how to hook up the message handler, other than that I am not sure what you mean when you say you need an example. Do you mean in the context of the controller code? As I already have the skeleton methods in my blog post. – Antony Scott Mar 27 '12 at 19:18