This documentation is archived and is not being maintained.

How to: Use Non-default Membership Provider for WCF Authentication Service

This topic shows how to programmatically select the membership provider when you call the ASP.NET authentication service by using Windows Communication Foundation (WCF). You can use a non-default membership provider when you have to authenticate users by using different membership providers, based on information that you get at run time. To authenticate through a non-default membership provider, you create an event handler for the Authenticating event.

You use WCF for the authentication service to log on a user from a client application that can send and consume a SOAP 1.1 message, such as a Java application. The client application can authenticate the user by using the same user credentials as an ASP.NET Web application.

To authenticate using non-default membership provider

  1. Create and configure the membership provider you want to use.

    For more information, see Implementing a Membership Provider and Configuring an ASP.NET Application to Use Membership.

  2. In the Global.asax file, create an event handler for the Authenticating event and add code that authenticates user credentials by calling the custom membership provider.

    The following example shows a handler for the Authenticating event that authenticates credentials by using the providers named ContosoSqlProvider, FabrikamSqlProvider, or the default membership provider. The user credentials are stored in different databases based on the type of user. The event handler determines which provider to use based on the e-mail address that is provided as the user name.

    void AuthenticationService_Authenticating(object sender, System.Web.ApplicationServices.AuthenticatingEventArgs e)
        if (e.UserName.IndexOf("") >= 0)
            e.Authenticated = Membership.Providers["ContosoSqlProvider"].ValidateUser(e.UserName, e.Password);
        else if (e.UserName.IndexOf("") >= 0)
            e.Authenticated = Membership.Providers["FabrikamSqlProvider"].ValidateUser(e.UserName, e.Password);
            e.Authenticated = Membership.Provider.ValidateUser(e.UserName, e.Password);
        e.AuthenticationIsComplete = true;
  3. In the Application_Start method of the Global.asax file, bind the event handler for the Authenticating event.

    The following example shows how to bind a handler to the Authenticating event.

    void Application_Start(object sender, EventArgs e)
        System.Web.ApplicationServices.AuthenticationService.Authenticating +=
            new EventHandler<System.Web.ApplicationServices.AuthenticatingEventArgs>(AuthenticationService_Authenticating);
  4. Call the authentication service from an application that can read and consume a SOAP 1.1 message.

You must set up the authentication service on a Web server for the previous examples to work. For more information, see How to: Enable the WCF Authentication Service.

Always access the authentication service by using the Secure Sockets Layer (SSL), using HTTPS protocol.