How to: Enable the WCF Role Service
This topic shows how to configure the ASP.NET role service on a Web server to make it available to clients that use the Windows Communication Foundation (WCF).
If a role name could be used by a malicious user to expose sensitive data, or if the role name is stored in a persistent cookie, access the role service over the secure sockets layer (SSL, by using HTTPS protocol). For information about how to set up SSL, see Configuring Secure Sockets Layer (IIS 6.0 Operations Guide) and Configuring Secure Sockets Layer in IIS 7.0 on the Microsoft Web site.
To configure the ASP.NET role service as a WCF service
If you do not already have an ASP.NET Web application, create one.
Enable forms authentication in the Web application. For more information, see Configuring an ASP.NET Application to Use Membership.
Enable roles in the Web application. For more information, see Understanding Role Management.
Provide a way for users to log in to the Web application.
When you retrieve roles through the WCF role service, you can also log users in through the WCF authentication service. For information about how to set up the WCF authentication service, see How to: Enable the WCF Authentication Service.
Add a service file (.svc) to the Web site that contains the following directive to reference the RoleService class:
<%@ ServiceHost Language="VB" Service="System.Web.ApplicationServices.RoleService" Factory="System.Web.ApplicationServices.ApplicationServicesHostFactory" %>
<%@ ServiceHost Language="C#" Service="System.Web.ApplicationServices.RoleService" Factory="System.Web.ApplicationServices.ApplicationServicesHostFactory" %>
Save the .svc file and close it.
Make the following configuration settings in the Web.config file to configure the service and to require SSL:
Enable the role service in the roleService element.
Define the endpoint contract in the services element and the service behavior in the behaviors element. Include the bindingNamespace property in the endpoint contract in order to prevent an exception in some proxy generation tools. For more information about WCF endpoints, see Windows Communication Foundation Endpoints.
Configure the serviceHostingEnvironment element for ASP.NET compatibility. For more information about how to host WCF services, see WCF Services and ASP.NET.
Create a binding in the bindings element that requires SSL. For more information about transport security in WCF, see Transport Security.
The following example shows the system.serviceModel element from a Web.config file that shows the configuration settings described in the previous list.
<system.web.extensions> <scripting> <webServices> <roleService enabled="true"/> </webServices> </scripting> </system.web.extensions> <system.serviceModel> <services> <service name="System.Web.ApplicationServices.RoleService" behaviorConfiguration="ApplicationServiceTypeBehaviors"> <endpoint contract= "System.Web.ApplicationServices.RoleService" binding="basicHttpBinding" bindingConfiguration="userHttps" bindingNamespace="http://asp.net/ApplicationServices/v200"/> </service> </services> <bindings> <basicHttpBinding> <binding name="userHttps"> <security mode="Transport" /> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="ApplicationServiceTypeBehaviors"> <serviceMetadata httpGetEnabled="true"/> </behavior> </serviceBehaviors> </behaviors> <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/> </system.serviceModel>
If you are working with sensitive user data, access the authentication service over the secure sockets layer (SSL, by using HTTPS protocol). For information about how to set up SSL, see Configuring Secure Sockets Layer (IIS 6.0 Operations Guide) and Configuring Secure Sockets Layer in IIS 7.0 on the Microsoft Web site.