I wanted to implement an ASP.NET Forms Authentication and Authorization procedures for my Windows Forms or WPF applications communicating with an ASP.NET WCF(and SOAP) web services.
Using Fiddler I investigated how Silverlight commnicates with its WCF RIA Services web service during login/logout procedures, and as far as I see this communication is just a set of POST and GET HTTP calls.
As far as I understand the actual Authentication and Authorization happens on WCF service side via ASP.NET Membership and Roles providers - I know how to handle this by code.
What I don't know for sure is what could be the most high level System.Net set of classes and their methods to implement an ASP.NET Forms Authentication and Authorization between a WinForms/WPF app and an ASP.NET WCF(/ and if possible also SOAP) Web Service, with communication session kept alive after login, with ASP.NET service/app cookies transferred here and there as transparently for me as possible (IOW without too much low level C#/.NET Framework programming). Would System.Net.WebClient be good enough to implement my task? Do you know any ready to use simple open source C# solutions?
Years ago I've blogged on that
http://www.wiktorzychla.com/2010/04/aspnet-forms-authentication-sharing-for.html
http://www.wiktorzychla.com/2008/02/clickonce-webservice-and-shared-forms.html
The idea is to share the forms authentication cookie so that the wcf service is also guarded by it. This way you can even run the application from within the browser (clickonce) or implement a custom login form that just sends the username/pwd to the server and gets the cookie and then uses it.
Technically, to have a wcf service guarded by forms cookies you need to take care of several key elements, all described in my blog entry.