B
Bardo
Hi all,
Sorry for the vague subject - very hard with the 70 character limit.
I have the following scenario that is working via the HttpWebRequest class,
but I need to get it working via WCF:
I need to integrate with a system that requires an initial "authentication"
request, which contains the username and password in the URL (this is a 3rd
party system and therefore this approach cannot be changed). The URL for this
request is different to the standard URL I will be posting data to. This
initial request returns a cookie with a session ID in it, which should be
provided on subsequent requests.
I have found that WCF provides some mechanisms for providing (from what I
can determine is essentially the "session ID" value I referred to) the
Security Context Token (SCT) for secure sessions. However, I cannot
determine how best to perform this "two request" approach because the
authentication request is NOT to the same address as the subsequent requests,
and so I assume I cannot use the same transport binding for both requests?
Essentially I need to be able to provide a binding which shields any callers
from knowing that there are multiple requests occuring due to the service
handshake.
Any pointers in the right direction would be greatly appreciated.
Thanks,
Bardo
Sorry for the vague subject - very hard with the 70 character limit.
I have the following scenario that is working via the HttpWebRequest class,
but I need to get it working via WCF:
I need to integrate with a system that requires an initial "authentication"
request, which contains the username and password in the URL (this is a 3rd
party system and therefore this approach cannot be changed). The URL for this
request is different to the standard URL I will be posting data to. This
initial request returns a cookie with a session ID in it, which should be
provided on subsequent requests.
I have found that WCF provides some mechanisms for providing (from what I
can determine is essentially the "session ID" value I referred to) the
Security Context Token (SCT) for secure sessions. However, I cannot
determine how best to perform this "two request" approach because the
authentication request is NOT to the same address as the subsequent requests,
and so I assume I cannot use the same transport binding for both requests?
Essentially I need to be able to provide a binding which shields any callers
from knowing that there are multiple requests occuring due to the service
handshake.
Any pointers in the right direction would be greatly appreciated.
Thanks,
Bardo