c# - how to authenticate user with rest service-wcf WebHttpBindig? -
i have server-client project written in c#. want change client side web client can open browser. decided make wcf rest service replace server side. binding using service webhttpbinding. problem behavior of service. service data (vars etc..) initialize after every call. if add [servicebehavior(instancecontextmode = instancecontextmode.persession)]
doesn't change anything. if use [servicebehavior(instancecontextmode = instancecontextmode.single)]
, works guess service instance same every client.
i have simple html web page username , password client , post service. service check login info user database , response. problem can't save user status logged in or not because after every post/get method service reset.
what should do?
this pretty standard issue have deal when trying maintain session on http, webhttpbinding using. if try force have session, won't. restful services don't work way.
a high level overview of have have service create token gives client upon initial authentication (probably stored in cookie), client send each request. service can use token check if client logged particular account each request. want make tokens expire after duration (might 1 month, 1 week, 1 day, 10 minutes, depending on application).
you can find more information here:
spa best practices authentication , session management
authentication, authorization , session management in traditional web apps , apis
Comments
Post a Comment