search

liubiao4123 / servicestack

Automatically exported from code.google.com/p/servicestack
0 stars 0 forks source link

Pass on FormsAuthentication when issueing web requests #31

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
When 2 sites share the same FormsAuthentication configuration, one can login to 
site #1 and simultaneously be authenticated for site #2. It would be cool if 
this principle could be persisted for web services to enable easy and 
lightweight transparent authentication among sibling sites.

It actually takes very little effort in order to enable this, though I'm not 
sure whether it would introduce unwanted dependencies. Anyway, whenever a 
WebRequest.Create is issued (like in ServiceClientBase.SendRequest), for this 
to work, it should be decorated with the current cookies:

var cookie = 
HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
  var authenticationCookie = new Cookie(
    FormsAuthentication.FormsCookieName,
    cookie.Value,
    cookie.Path,
    HttpContext.Current.Request.Url.Authority);

  httpWebRequest.CookieContainer = new CookieContainer();
  httpWebRequest.CookieContainer.Add(authenticationCookie);
}

Original issue reported on code.google.com by GrimaceO...@gmail.com on 24 Aug 2010 at 12:45

GoogleCodeExporter commented 8 years ago 
Yeah sounds useful however the code does introduce dependencies so I wasn't in 
love with it. However I've enabled this functionality by being able to 
injecting a static filter that will enable this behaviour. All you have to do 
is call:

HttpWebRequestConfig.Configure();

Once when your client app starts which sets this static method on 
ServiceClientBase:

ServiceClientBase.HttpWebRequestFilter = TransferAuthenticationTokens;

Then every subsequent request sent will apply that filter.

This is added in the next release which you can get immediately with the .dlls 
attached.

- Demis

Original comment by demis.be...@gmail.com on 24 Aug 2010 at 6:28

Attachments:

GoogleCodeExporter commented 8 years ago 
After I submitted the issue, I figured something like this would do the trick. 
Thanks a lot again!

Original comment by GrimaceO...@gmail.com on 25 Aug 2010 at 6:31

GoogleCodeExporter commented 8 years ago 
No probs :)

Original comment by demis.be...@gmail.com on 25 Aug 2010 at 6:33