Custom User Name Password Validator to read from Database

Page 1 of 1

1 Replies - 224 Views - Last Post: 28 September 2012 - 06:17 AM Rate Topic: -----

#1 Best123  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 32
  • Joined: 05-August 10

Custom User Name Password Validator to read from Database

Posted 28 September 2012 - 05:29 AM

I am using a Custom User Name Password Validator in my WCF Service. It works if I hard code the username and password in the validator function, but , I am trying to have my WCF service to validate username and password against those stored in my database, and that part does not work.
Can some one please let me know if I am supposed to do something else to make it validate against credentials stored in the DB. I have tested the entire database connection and reader related code in the client application and it works. It does not work when I use it in the WCF service. Here is my code:
class CustomUserNamePassValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)        
        {
            string MyUser = "";
            string MyPass = "";

            string connectionString = "Initial Catalog=MyDB;Data Source=MyServer;Integrated Security=SSPI";
            SqlConnection MyConnection = new SqlConnection(connectionString);
            try
            {
                using (MyConnection)
                {
                    SqlCommand command = new SqlCommand("Exec MyDB.dbo.GetCredentials", MyConnection);
                    MyConnection.Open();
                    SqlDataReader MyReader = command.ExecuteReader();
                    if (MyReader.HasRows)
                    {
                        while (MyReader.Read())
                        {
                            MyUser = MyReader["UserName"].ToString();
                            MyPass = MyReader["Passwrd"].ToString();
                        }
                    }

                    MyReader.Close();
                }
            }
            catch (Exception exp)
            {
                MyFaultException theFault = new MyFaultException();
                theFault.Reason = "Database Connection Error: " + exp.Message.ToString();
                throw new FaultException<MyFaultException>(theFault);
            }

            if (userName == null || password == null)
            {
                throw new SecurityTokenException("security Error: No Credentials Passed");                           
            }

            if (userName != MyUser && password != MyPass)
            {
                throw new SecurityTokenException("security Error: Wrong Credentials Passed");
            }

             //It works if I do it this way
            //if (!(userName == "MyUser" && password == "MyPass"))
            //{
            //    throw new SecurityTokenException("security Error: Wrong Credentials Passed");
            //}

            
        }


Is This A Good Question/Topic? 0
  • +

Replies To: Custom User Name Password Validator to read from Database

#2 macosxnerd101  Icon User is online

  • Self-Trained Economist
  • member icon




Reputation: 9153
  • View blog
  • Posts: 33,959
  • Joined: 27-December 08

Re: Custom User Name Password Validator to read from Database

Posted 28 September 2012 - 06:17 AM

Moved out of C# Advanced Discussion to C#. The Advanced Discussion forum isn't for help questions.
Was This Post Helpful? 0
  • +
  • -
Page 1 of 1