Authenticating Clients - DeskTop application
71 views
Skip to first unread message
george.n...@hotmail.com
Mar 23, 2013, 9:58:02 AM3/23/13
to web...@googlegroups.com
Hi,
I am trying to authenticate a client originating from a windows forms application. Your documentation states that this should be handled on the <WebSyncEvent(EventType.BeforeConnect)> event in the server, the example citing only the case if forms authentication is used in the server.
I need to implement a client authentication policy base on some credentials the user sends when using the client.connect function, the client.DynamicProperties being a possible place to store these credentials but these are not passed to the server in the BeforeConnect event.
Is there any other way to implement this requirement?
Thanks again for support,
Regards,
George
Ben Swayne
Mar 23, 2013, 11:08:14 AM3/23/13
to web...@googlegroups.com
Hi George,
There is a "MetaJson" property on the ConnectArgs for you to place any arbitrary data you like. Just serialize your data into Json and put it in the ConenctArgs.MetaJson. The MetaJson is standard across all platforms and all transport types (doesn't matter if its coming from a browser or native app, running over long polling of websockets - it will always be there). This sounds like what you are looking for.
There is also two events on the client, OnRequestCreated and OnHttpRequestCreated, which allow you to modify the actual request objects before they are used to communicate with the server. This can be helpful if you want to simulate web authentication from a native app by setting a Cookie/CookieContainer on the request, or setting some sort of HttpHeader. Of course this technique won't apply the same across all platforms or transport layers. The JavaScript client will naturally set its own cookies and headers, where as a native app will not. Also a WebSockets connection will have a different lifecycle than a long polling transport. So unless you really need this lower level access, I'd recommend sticking with MetaJson.
Regards,
There is a "MetaJson" property on the ConnectArgs for you to place any arbitrary data you like. Just serialize your data into Json and put it in the ConenctArgs.MetaJson. The MetaJson is standard across all platforms and all transport types (doesn't matter if its coming from a browser or native app, running over long polling of websockets - it will always be there). This sounds like what you are looking for.
There is also two events on the client, OnRequestCreated and OnHttpRequestCreated, which allow you to modify the actual request objects before they are used to communicate with the server. This can be helpful if you want to simulate web authentication from a native app by setting a Cookie/CookieContainer on the request, or setting some sort of HttpHeader. Of course this technique won't apply the same across all platforms or transport layers. The JavaScript client will naturally set its own cookies and headers, where as a native app will not. Also a WebSockets connection will have a different lifecycle than a long polling transport. So unless you really need this lower level access, I'd recommend sticking with MetaJson.
Regards,
--
You received this message because you are subscribed to the Google Groups "WebSync" group.
To unsubscribe from this group and stop receiving emails from it, send an email to websync+u...@googlegroups.com.
To post to this group, send email to web...@googlegroups.com.
Visit this group at http://groups.google.com/group/websync?hl=en.
To view this discussion on the web visit https://groups.google.com/d/msg/websync/-/c_3R9s35qkcJ.
For more options, visit https://groups.google.com/groups/opt_out.
richlou...@gmail.com
Apr 23, 2013, 4:46:59 AM4/23/13
to web...@googlegroups.com
Hi,
However, our production environment uses SSL with integrated authentication therefore I have changed the URL to use https instead of http (this is fine):
In your previous reply you state:
Rich
I am also experiencing a similar problem which I am hoping you can help with.
I can written a console application that can successfully connect to the WebSync server in our development environment:
websyncHandlerPath = "http://.../websync.ashx";
var client = new Client(websyncHandlerPath);
client.Connect(new ConnectArgs
{
.
.
.
}); However, our production environment uses SSL with integrated authentication therefore I have changed the URL to use https instead of http (this is fine):
websyncHandlerPath = "https://.../websync.ashx";In your previous reply you state:
"There is a "MetaJson" property on the ConnectArgs for you to place any arbitrary data you like. Just serialize your data into Json and put it in the ConenctArgs.MetaJson."
The problem I am having is with the integrated authentication (I receive a 401 error from the server when I try to connect on production), could you please provide a code example of how I would supply username/password credentials (and serialize into Json) within the MetaJson property?
Many Thanks,
Rich
Anton Venema
Apr 23, 2013, 11:30:40 AM4/23/13
to web...@googlegroups.com
Hi Rich,
It's super easy. Just assign the JSON string with your username/password to MetaJson. You can use whatever JSON library you like - Json.NET, DataContractJsonSerializer, etc. We provide a "Json" class that wraps the DataContractJsonSerializer, so if you go that route, here's how you would do it.
[DataContract]
class Credentials
{
[DataMember]
public string Username { get; set; }
[DataMember]
public string Password { get; set; }
}
}
Client
client.Connect(new ConnectArgs
{
MetaJson = Json.Serialize(new Credentials
{
MetaJson = Json.Serialize(new Credentials
{
Username = "...",
Password = "..."
});
});
Server
[WebSyncEvent(EventType.BeforeConnect)]
public static void Authenticate(object sender, WebSyncEventArgs e)
{
var credentials = Json.Deserialize<Credentials>(e.MetaJson);
if (!Authenticate(credentials))
{
e.Cancel("Authentication failed.");
}
}
}
}
Anton Venema
Frozen Mountain Software604-227-2458 (Canada)
919-300-5520 (United States)
888-379-6686 (Extension 102)
www.frozenmountain.com
To view this discussion on the web visit https://groups.google.com/d/msg/websync/-/yZB3ISe-4wEJ.
Reply all
Reply to author
Forward
0 new messages