ASP.NET成员资格 - 在同一WebApp中调用WebService时,经过身份验证的用户会丢失

时间:2009-06-03 22:02:17

标签: asp.net wcf web-services asp.net-membership forms-authentication

我使用ASP.NET登录控件进行身份验证。

我有一些用户,他们可以成功登录。经过身份验证后,我会重定向到页面helloworld.aspx。在Page_Load方法中,我首先调用Membership.GetUser()。这将正确返回经过身份验证的用户。然后,我调用驻留在同一WebApplication中的简单WCF Web服务。我的WebService调用的第一行是相同的Membership.GetUser()。这次虽然它返回NULL。

有什么想法吗?

谢谢, 贾斯汀

以下是一些代码段

JustinPage.aspx 

public partial class JustinPage : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        MembershipUser user = Membership.GetUser();
        // user is a valid user

        JustinService.JustinTestServiceClient justin = new CMS.WEB.JustinService.JustinTestServiceClient();
        justin.DoWork();
    }
}

JustinTestService.svc.cs 

[ServiceContract(Namespace = "")]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class JustinTestService
{
    [OperationContract]
    public void DoWork()
    {
        MembershipUser user = Membership.GetUser();
        // user is NULL ???  Why?
        return;
    }
}

如前所述,服务源代码与Justin.aspx位于相同的Web应用程序中,您可以通过端点看到(注意我的应用程序已在端口19003上修复)...

端点地址=“http:// localhost:19003 / Services / JustinTestService.svc”     binding =“basicHttpBinding”bindingConfiguration =“BasicHttpBinding_JustinTestService”     contract =“JustinService.JustinTestService”name =“BasicHttpBinding_JustinTestService”/

此外绑定看起来像这样......

< binding name =“BasicHttpBinding_JustinTestService”closeTimeout =“00:01:00”      openTimeout =“00:01:00”receiveTimeout =“00:10:00”sendTimeout =“00:01:00”      allowCookies =“false”bypassProxyOnLocal =“false”hostNameComparisonMode =“StrongWildcard”      maxBufferSize =“65536”maxBufferPoolSize =“524288”maxReceivedMessageSize =“65536”      messageEncoding =“Text”textEncoding =“utf-8”transferMode =“Buffered”      useDefaultWebProxy = “真” >      < readerQuotas maxDepth =“32”maxStringContentLength =“8192”maxArrayLength =“16384”       maxBytesPerRead =“4096”maxNameTableCharCount =“16384”/>      < security mode =“None”>             < /安全>     < /结合>

也许它与< security mode =“None”>有关; ???

2 个答案:

答案 0 :(得分:0)

问题是Web服务调用不是来自用户进行身份验证的浏览器。相反,您从应用程序发起Web服务调用(您的Web服务器正在为您的Web服务器创建HTTP请求!)。

答案 1 :(得分:0)

获取提琴手,看看是否通过网络发送了身份验证Cookie。

如果不是,您可能需要在请求中将其捆绑到服务中。

像这样的东西

Service1Client ws = new Service1Client(); // Name of webclient proxy
            using (OperationContextScope scope = new OperationContextScope(ws.InnerChannel))
            {
                HttpRequestMessageProperty httpRequest = new HttpRequestMessageProperty();
                OperationContext.Current.OutgoingMessageProperties.Add(HttpRequestMessageProperty.Name, httpRequest);

                HttpCookieCollection cc = Page.Request.Cookies;
                if (Request.Cookies[".ASPXAUTH"] != null)
                {
                    HttpCookie aCookie = Request.Cookies[".ASPXAUTH"];
                    String authcookieValue = Server.HtmlEncode(aCookie.Value);
                    httpRequest.Headers.Add("Cookie: " + ".ASPXAUTH=" + authcookieValue);
                }

                // Make call to webservice here
                ws.MyWCFCall();

                HttpResponseMessageProperty response = (HttpResponseMessageProperty)OperationContext.Current.IncomingMessageProperties[HttpResponseMessageProperty.Name];
            }
相关问题
最新问题