Architechture of service application in WCF

Question

I need some help with the architechture of a WCF application. The will be a number of services that should be available to serve a number of different clients, e.g.

Answer 1

You can (and should) decouple Authentication from service implementation so that you can vary these independently. This is possible by implementing (or reusing) a ServiceAuthorizationManager.

The nice thing about these is that they can be defined in .config and you can code your entire service without knowing anything about how the user authenticated.

If you need to know more about the user, you can use Thread.CurrentPrincipal.

---

To implement username/password validation, implement a UserNamePasswordValidator.