Sharing Authentication, Profile and Role data between Web Applications and Windows Forms applications using the ASP.NET Application Services

Some of us might have used the ASP.NET Authentication, Profile or Roles services that shipped with the .Net Framework 3.5. Another advantage of these services is their integration with windows forms applications and the fact that user authentication, role and profile data can be shared between windows forms and web applications.

Scenario: Lets say a company “Contoso” has a few in-house applications, some built as web applications and some as Windows Forms applications. Contoso wants to have user information along with their roles stored at one location and wants all of its applications to use the same store to authenticate users as well as authorize requests for various resources based on their roles. Contoso also wants the user settings / preferences to be shared between all these applications. This can quite easily be accomplished by using the inbuilt ASP.NET Application Services. The Web Applications can be setup to use the ASP.NET Authentication, Roles and Profile services . The Windows Forms applications can be setup to use the ASP.NET Application Services from one of those web applications. Here's a walk-through.

Step A- Create the online ASP.NET Application Services

1. Open Visual Studio 2008 and create a website targeting the .Net Framework version 3.5. Lets call this website “AppServices”

2. Let’s turn on the Authentication, Profile and Roles services –

To do this all we simply need to do is add the following to the web.config file of the AppServices website. "prop1" and "prop2" are the profile properties we'll expose further below.

<system.web.extensions>
        <scripting>
            <webServices>
                <authenticationService enabled="true"/>
                <roleService enabled="true"/>
                <profileService enabled="true" readAccessProperties="prop1,prop2" 
                        writeAccessProperties="prop1,prop2"/>
            </webServices>
        </scripting>
    </system.web.extensions>

By default, this causes the default Membership, Profile and Role providers to be used, which in turn use SqlExpress (by default) to create and access the database. SQL server can also be used. These providers can be changed to go against any database and are also explained in other articles.

3. Let’s use Forms Authentication for the purposes of this sample. So set the following into the web.config file:

<authentication mode="Forms" />

4. We’ll need to enable the RoleManager, so lets add the following to the web.config file under the “<system.web>” section:

<roleManager enabled="true"></roleManager>

5. Lets enable some profile properties for use in a windows forms application, so lets add the following to the web.config file under the “<system.web>” section:

<profile enabled="true">
    <properties>
        <add name="prop1" type="System.String"/>
        <add name="prop2" type="System.String"/>
    </properties>
</profile>

6. Let’s now setup some users and Roles. This can be done through a fancier UI, but for now, let’s just do it through code. We’ll create a page called “CreateUsersAndRoles.aspx” inside this website and let’s copy the following code into its Page_Load method.

protected void Page_Load(object o, EventArgs e)
    {
        //Lets create two roles
        Roles.CreateRole("Admin");
        Roles.CreateRole("User");

        //Lets also create two users
        MembershipCreateStatus status;
        MembershipUser user1 = Membership.CreateUser("user1", "Password@1", 
            "someemail@email.com", "question", "answer", true, out status);
        MembershipUser user2 = Membership.CreateUser("user2", "Password@1", 
            "someemail@email.com", "question", "answer", true, out status);

        // Now let's assign these users to their roles
        Roles.AddUserToRole("user1", "Admin");
        Roles.AddUserToRole("user2", "User");
    }

The Application Services are now setup.

Step B - Create the Windows Forms Application

1. Through Visual Studio 2008, create a new Windows Forms Application (Lets call it MyWinFormsApp) targeting the .Net Framework version 3.5

2. Go to the project properties, and in the services tab, check the "Enable client application services" checkbox. Select "Use Forms Authentication". Also set the service locations as below ("http://localhost/AppServices/" in this case).

3. On  the Settings tab, click the "Load Web Settings" button. Authenticate as a user in the database ("user1", "Password@1" in this case). Click the "login" button. You should see something like:

Step C. And we're done!

To use authentication, profiles and roles, a small example is:

if (!Membership.ValidateUser("user1", "Password@1"))
{
    MessageBox.Show("Unable to authenticate.", "Not logged in",
        MessageBoxButtons.OK, MessageBoxIcon.Error);
    Application.Exit();
}
else
{
    IIdentity user = System.Threading.Thread.CurrentPrincipal.Identity;
    MessageBox.Show("Logged in user is " + 
    user.Name);
    MessageBox.Show("Is user in role: " + 
        Roles.IsUserInRole(user.Name,"Admin"));
    Properties.Settings.Default.prop1 = "foo";
    Properties.Settings.Default.prop2 = "bar";
    MessageBox.Show(Properties.Settings.Default.prop1 + 
        Properties.Settings.Default.prop2);
}

Note: There are also tutorials on the internet that explain how to use "Client Application Services" in Windows Forms Applications even in offline / disconnected mode. Note that the users are being authenticated, or profile data being accessed through calls to the application services hosted through the web application.

Carl Dacosta
ASP.NET QA Team