Solved

WCF session management

Posted on 2012-04-04
2
368 Views
Last Modified: 2012-09-24
OK so,

I have a multi-tenanted SQL database with a "domid" column in each table which defines which tenant that row is for. It works pretty well as the software just appends the current users id to each database request. I have been asked to write/implement a WCF service to interface with the database so that they can start writing other applications to leverage off the information contained within the database.

I'm new to WCF services but have managed to throw together a quick service which does username password and domain authentication. My question is this:

Company 1 logs in to the software and their username and password (hashed... not plain text) is sent via WCF and a bool is returned. From here, how do/should I ensure that this login is associated with each of the users subsequent requests. i.e. user logs in, and then requests a list of all their customers with current outstanding balance. I can't use their domid anymore because what's stopping a smart user changing it in the request? Is their some kind of session handling that i can use? if their is, is this functionality usable by non .net frameworks (like java script or iOS for example).

to date all access has been via a remote desktop connection to a server, which then has the software installed on it and make direct sql requests. What I want to do it to replace this with a WCF interface which handles all the authentication and data retrieval but don't understand/know now to get some form of state-full session handling in place. I've been trying to look for information somewhere but as you might be able to tell from the wording of my question, I don't really know what terminology to use to try and find what i'm looking for.

Or, am I going about this all wrong. Should I look at changing the way the whole thing works, change the Database to something different like different schema's for each tenant instead. My understanding is that it would remove some of the security issues but still doesn't fix my session issue.

Any points or resources anybody can point me to would be most helpful. Also, if anybody has done this before I'd love to hear how you did it.
0
Comment
Question by:neutral_penguin
2 Comments
 
LVL 25

Accepted Solution

by:
apeter earned 500 total points
ID: 37816957
The word session is different in ASP.Net and WCF.  this link will tell you what is session in WCF is, http://msdn.microsoft.com/en-us/library/ms733040.aspx.

Below link should help you in your scenario.

http://weblogs.asp.net/cibrax/archive/2008/01/22/authenticating-users-with-supporting-tokens-in-wcf.aspx
http://msdn.microsoft.com/en-us/library/bb386582.aspx
0
 
LVL 1

Expert Comment

by:vipin_soft
ID: 37969983
You can also use Structure map for session.Please check this follwing link:-

http://lostechies.com/jimmybogard/2008/07/30/integrating-structuremap-with-wcf/
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

More often than not, we developers are confronted with a need: a need to make some kind of magic happen via code. Whether it is for a client, for the boss, or for our own personal projects, the need must be satisfied. Most of the time, the Framework…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now