Tutorial :AJAX and asp.net security question


I have a couple of questions regarding security mechanisms in asp.net (2.0).

I have always been using Forms authentication + Page.User for validating permissions.

Now I need to send some data from client side javaScript (jQuery) to a WCF service. Will my IPrincipal be still accessible from HttpContext of WCF service (I'm hosting my services on same IIS, same domain).

I'm particulary interested if $.Ajax will grab client authentication cookie and assign it to HttpContext on the server (or does it happen automagically)?

What are possible gotchas / pitfalls here?

Thank you.


You can, but need to set this property in web.config of your WCF service.

<system.serviceModel>      <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />  </system.serviceModel>  


I'm answering my own question. This article by Dino Esposito explains it all: http://msdn.microsoft.com/en-us/magazine/cc793961.aspx


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Next Post »