Gal Ratner
Gal Ratner is a Techie who lives and works in Los Angeles CA and Austin TX. Follow galratner on Twitter Google
Forms authentication with Client Application Services

System.Web.ClientServices.Providers contains client service providers that support remote access to the Microsoft Ajax authentication, roles, and profile services.
Today we will be looking at a common use case and solve it using client application services. We have a remote website containing the default ASP.NET membership provider and we need to access it from another website in order to log on a remote user.
In order to enable client application services in the remote site we need to change the web.config

<authenticationService enabled="true" requireSSL="false" />
<profileService enabled="true" />
<roleService enabled="true" />

In our local website we need to define the remote authentication service

<membership defaultProvider="ClientAuthenticationMembershipProvider" userIsOnlineTimeWindow="120">
<clear />
<add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" credentialsProvider="" />
<roleManager enabled="true" cacheRolesInCookie="false" cookieTimeout="30" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All" defaultProvider="ClientRoleProvider" createPersistentCookie="false" maxCachedResults="25">
<clear />
<add name="ClientRoleProvider" type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" cacheTimeout="86400" />

In order to validate user credentials and log the remote user to our local website we need to use ClientFormsAuthenticationMembershipProvider

public static void ValidateUser(string userName, string password)
              ClientFormsAuthenticationMembershipProvider provider = (ClientFormsAuthenticationMembershipProvider)System.Web.Security.Membership.Providers["ClientAuthenticationMembershipProvider"];
if (provider.ValidateUser(userName, password))
FormsAuthentication.RedirectFromLoginPage(userName, true);
catch (WebException e)
throw new BusinessLayerException("Unable to access the remote service.", e);

Now the remote user is logged into the local system. Client Application Services was initially created to assist desktop applications with remote authentication, but, will work great with websites too.


Posted 25 Jan 2011 1:14 PM by Gal Ratner
Filed under:

Powered by Community Server (Non-Commercial Edition), by Telligent Systems