Enables access to ASP.NET forms authentication as a Web service.
Assembly: System.Web.Extensions (in System.Web.Extensions.dll)
[ServiceBehaviorAttribute(Namespace = "http://asp.net/ApplicationServices/v200", InstanceContextMode = InstanceContextMode.Single, ConcurrencyMode = ConcurrencyMode.Multiple)] [ServiceContractAttribute(Namespace = "http://asp.net/ApplicationServices/v200")] [AspNetCompatibilityRequirementsAttribute(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)] [AspNetHostingPermissionAttribute(SecurityAction.InheritanceDemand, Level = AspNetHostingPermissionLevel.Minimal)] [AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)] public class AuthenticationService
The object enables you to authenticate users through a Windows Communication Foundation (WCF) service. You use the WCF authentication service when you must authenticate users through ASP.NET membership from an application that is outside the Web application that stores the user credentials. The application must be able to send and consume message in the SOAP format. Through the class, you can log users in, log users out, validate credentials, check authentication status, customize authentication, and set the authentication cookie.
The class contains four methods that you should access only through a WCF service: the IsLoggedIn, Login, Logout, and ValidateUser methods. To call these methods, you enable the authentication service on a Web server and then connect a WCF-compatible client application to the Web service. For information about how to configure the authentication service, see How to: Enable the WCF Authentication Service.
To log users on, you pass the user credentials to the Login method. If the credentials are valid, the class creates an authentication cookie. If the authentication cookie has not expired, you know that the user's credentials have been authenticated and you do not have to validate the credentials again. (Cookie-less authentication is not available through the class.)
The can raise two events: Authenticating and CreatingCookie. The Authenticating event occurs when the user credentials are being validated. Create an event handler for the Authenticating event to customize how user credentials are validated. The CreatingCookie event occurs when the authentication cookie is being set after user credentials have been validated. Create an event handler for the CreatingCookie event to customize the authentication cookie.
The ValidateUser method checks user credentials for authentication, but it does not return an authentication ticket. Use ValidateUser when a user has previously logged in and you must check that the credentials are still valid at the start of a new application session.
For an example of using the WCF authentication service from a console application, see Walkthrough: Using ASP.NET Application Services.
Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003