Solved

WCF session management

Posted on 2012-04-04
2
367 Views
Last Modified: 2012-09-24
OK so,

I have a multi-tenanted SQL database with a "domid" column in each table which defines which tenant that row is for. It works pretty well as the software just appends the current users id to each database request. I have been asked to write/implement a WCF service to interface with the database so that they can start writing other applications to leverage off the information contained within the database.

I'm new to WCF services but have managed to throw together a quick service which does username password and domain authentication. My question is this:

Company 1 logs in to the software and their username and password (hashed... not plain text) is sent via WCF and a bool is returned. From here, how do/should I ensure that this login is associated with each of the users subsequent requests. i.e. user logs in, and then requests a list of all their customers with current outstanding balance. I can't use their domid anymore because what's stopping a smart user changing it in the request? Is their some kind of session handling that i can use? if their is, is this functionality usable by non .net frameworks (like java script or iOS for example).

to date all access has been via a remote desktop connection to a server, which then has the software installed on it and make direct sql requests. What I want to do it to replace this with a WCF interface which handles all the authentication and data retrieval but don't understand/know now to get some form of state-full session handling in place. I've been trying to look for information somewhere but as you might be able to tell from the wording of my question, I don't really know what terminology to use to try and find what i'm looking for.

Or, am I going about this all wrong. Should I look at changing the way the whole thing works, change the Database to something different like different schema's for each tenant instead. My understanding is that it would remove some of the security issues but still doesn't fix my session issue.

Any points or resources anybody can point me to would be most helpful. Also, if anybody has done this before I'd love to hear how you did it.
0
Comment
Question by:neutral_penguin
2 Comments
 
LVL 25

Accepted Solution

by:
apeter earned 500 total points
ID: 37816957
The word session is different in ASP.Net and WCF.  this link will tell you what is session in WCF is, http://msdn.microsoft.com/en-us/library/ms733040.aspx.

Below link should help you in your scenario.

http://weblogs.asp.net/cibrax/archive/2008/01/22/authenticating-users-with-supporting-tokens-in-wcf.aspx
http://msdn.microsoft.com/en-us/library/bb386582.aspx
0
 
LVL 1

Expert Comment

by:vipin_soft
ID: 37969983
You can also use Structure map for session.Please check this follwing link:-

http://lostechies.com/jimmybogard/2008/07/30/integrating-structuremap-with-wcf/
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This document covers how to connect to SQL Server and browse its contents.  It is meant for those new to Visual Studio and/or working with Microsoft SQL Server.  It is not a guide to building SQL Server database connections in your code.  This is mo…
More often than not, we developers are confronted with a need: a need to make some kind of magic happen via code. Whether it is for a client, for the boss, or for our own personal projects, the need must be satisfied. Most of the time, the Framework…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now