{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 倾城 Initia 的问题《Restrict Access in WCF using FormsAuthenticationTi》','https://www.manongdao.com/q-896756.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I've seen solutions where you can restrict access in WCF using the membership in asp.net.(How do I restrict access to some methods in WCF?) But i'm wondering if there is anything similar using the FormsAuthenticationTicket.
I don't have the Membership configured on my site, and i'm using the FormsAuthenticationTicket and methods in WCF to log in and so on.
The WCF-Service is not configured to use SSL YET, because the man i work for have not bought a cert trough our hosting company(don't know if relevant)
The main thing is that i need to protect my some methods in my WCF-Service from unauthorized access, and if theres another simpler solution i would love some input on that to.
I'm very new to WCF and security overall, but familiar in ASP.NET and C#. I would love for some pedagogical answers, and not just a solution or ideá
UPDATE: Some pastebin links for my solution:
wcf.svc http://pastebin.com/S3bTPKaV
wcf webconfig: http://pastebin.com/Pshf7STz
Client Webconfig: http://pastebin.com/QY9252mB
This is possible and is commonly used - you have to guard your calls with the principal permission requirement.
Here is one of tutorials by myself
http://netpl.blogspot.com/2010/04/aspnet-forms-authentication-sharing-for.html
Don't let the title mislead you, this is not not only about Silverlight but any other way of accessing the WCF service that is capable of carrying cookies.