Solved

WCF session management

Posted on 2012-04-04
2
373 Views
Last Modified: 2012-09-24
OK so,

I have a multi-tenanted SQL database with a "domid" column in each table which defines which tenant that row is for. It works pretty well as the software just appends the current users id to each database request. I have been asked to write/implement a WCF service to interface with the database so that they can start writing other applications to leverage off the information contained within the database.

I'm new to WCF services but have managed to throw together a quick service which does username password and domain authentication. My question is this:

Company 1 logs in to the software and their username and password (hashed... not plain text) is sent via WCF and a bool is returned. From here, how do/should I ensure that this login is associated with each of the users subsequent requests. i.e. user logs in, and then requests a list of all their customers with current outstanding balance. I can't use their domid anymore because what's stopping a smart user changing it in the request? Is their some kind of session handling that i can use? if their is, is this functionality usable by non .net frameworks (like java script or iOS for example).

to date all access has been via a remote desktop connection to a server, which then has the software installed on it and make direct sql requests. What I want to do it to replace this with a WCF interface which handles all the authentication and data retrieval but don't understand/know now to get some form of state-full session handling in place. I've been trying to look for information somewhere but as you might be able to tell from the wording of my question, I don't really know what terminology to use to try and find what i'm looking for.

Or, am I going about this all wrong. Should I look at changing the way the whole thing works, change the Database to something different like different schema's for each tenant instead. My understanding is that it would remove some of the security issues but still doesn't fix my session issue.

Any points or resources anybody can point me to would be most helpful. Also, if anybody has done this before I'd love to hear how you did it.
0
Comment
Question by:neutral_penguin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 25

Accepted Solution

by:
apeter earned 500 total points
ID: 37816957
The word session is different in ASP.Net and WCF.  this link will tell you what is session in WCF is, http://msdn.microsoft.com/en-us/library/ms733040.aspx.

Below link should help you in your scenario.

http://weblogs.asp.net/cibrax/archive/2008/01/22/authenticating-users-with-supporting-tokens-in-wcf.aspx
http://msdn.microsoft.com/en-us/library/bb386582.aspx
0
 
LVL 1

Expert Comment

by:vipin_soft
ID: 37969983
You can also use Structure map for session.Please check this follwing link:-

http://lostechies.com/jimmybogard/2008/07/30/integrating-structuremap-with-wcf/
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question