[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 522
  • Last Modified:

Windows Application with ASP.NET Credentials

Hi guys, Ok I will give my specs first, then I will tell my problem.
I got a web site using VB 2005 (C# and ASP.NET 2.0)
I got a database in SQL 2005. I am using in my web site the ASP.NET Web Site Administration Tool for the Secured and Encrypted Credentials.

NOW, I am creating a window application Form ok. In that application, I did a form for a Login. But I need that login to correspond with the Same credentials as the web site in the database. My problem is I dont know what to write in my App.Config

When I wrote my connectionString just as the same as in the web.config of the web site, I also put a  MachineKey for the encryption but it gives Error. Also, People that will log on the site and the application form are over the world. Its not just an Intranet (maybe it does a difference..)

Well...I hope you understand everything, if not tell me and I will detail a little more
Thank you
0
PhilippeRenaud
Asked:
PhilippeRenaud
  • 3
  • 3
1 Solution
 
slado2Commented:
Well, I don't think that you can use single-sign-on between winforms and asp.net applications using standard Membership provider.
However if you only need to validate users and roles you can easily do it in asp.net and winforms. It is well implemented in asp.net using System.Web.Security namespace that contains Membership, Role and other providers and you also have LoginView and other web controls available without coding a single line of code. In WinForms application you must make a reference to System.Web.Security and then you can use providers and their methods for validating users and roles. Just copy & paste the security settings from web.config to app.config.
0
 
PhilippeRenaudAuthor Commented:
what do you mean by I cant use single-sign-on
0
 
PhilippeRenaudAuthor Commented:
Look for exemple, PartyPoker or PokerStars ok ...
the user can go over the web site log in etc  and they can log the same credentials in the Application to start a game.

thats the big exemple a can give. Its the perfect exemple, I want to have the same thing exept that my application is not a game.

I red a little about WCF from Microsoft. Do you think that could help
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
slado2Commented:
You should write your own implementation of MembershipProvider which will authorize your users (both web and winforms). I suggest that you write your own webservice with at least one method ValidateUser(string Username, string Password) and your MembershipProvider will check user password against this webservice. So it will work from web and winform clients as well.
Your webservice then can check the credentials against your sql database.

Check these links of how to implement a MembershipProvider:
http://msdn2.microsoft.com/en-us/library/yh26yfzy.aspx
http://www.codeproject.com/aspnet/WSSecurityProvider.asp

Dont get confused with Microsoft pushing the security provider model only into asp.net. It works well in winforms applications too, you just have to make a reference to System.Web.Security assembly.
0
 
PhilippeRenaudAuthor Commented:
Okai so the webservice If I understand is for the security that no one would see the connectionString in the code because when you send the aplpication to someone its an EXE and its possible when youre enough smart to decode everytinhg and see the code behind right ?
0
 
slado2Commented:
Security is one thing that is good on webservices. But better that that is that webservices use standard HTTP on standard ports so the communicaion passes firewalls, proxy servers and other network devices.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now