1

I developed a website in ASP.NET MVC 4 using NHibernate, now I need to perform an integration with the site using Windows Forms.

How can I perform authentication system using the same users? What technology should I use? Web API, SOAP or Rest?

Thanks!

Michel Andrade
  • 3,377
  • 5
  • 25
  • 26
  • What do you mean as "Windows forms"? this name is meant for Windows Application created by .NET... did you wanted to say that you need to authenticate in the Active Directory of the intranet domain? If yes... is the web server in the same domain as the Active Directory, or outside that network? – balexandre Nov 10 '12 at 00:15
  • balexandre, I mean Windows Forms Application. Thanks! – Michel Andrade Nov 10 '12 at 00:18
  • balexandre, I need to consume the users stored in my site. – Michel Andrade Nov 10 '12 at 00:20
  • 1
    ok... so why don't you use the same Database Layer and methods in your new Windows Forms App? if you follow the 3 tier Architecture principle, it's quite easy to just develop the Windows Form and still use all you had in the website. I do that every time. See my answer: http://stackoverflow.com/a/7510526/28004 – balexandre Nov 10 '12 at 00:33
  • for safety reasons I would not want to access the database directly, so I would have an extra layer of security. – Michel Andrade Nov 10 '12 at 00:46
  • If you have a **BLL (Business Logic Layer)** before your **DAL (Data Access Layer)**you are safe, unless you really don't know the meaning of it and *you just wanna do your way*... When an application is accessing a DAL, **it's not accessing the DB directly**... there's a layer in the middle that will prevent to access it or/and block unsafe calls (BLL)... you really should get your hands in a **good book** or a tutorial (plenty out there) and if you really want to learn how to program the correct way I would suggest my next answer: http://stackoverflow.com/a/6190210/28004 – balexandre Nov 10 '12 at 07:04

1 Answers1

2

Small clarification of terms : REST is an architectural style, SOAP is a protocol for exchanging information, and Web API is a framework to build HTTP Services.

The stock answer for questions like this is "It depends"

Before you continue with a technology selection, currently is your method for authenticating users separated properly from your business/presentation logic?

If that is the case, being that you are using MVC 4, Web API may be the path of least resistance, you can put all of the functionality that requires authentication behind Web API calls. And your controllers will call them. Once that is done, a Windows forms app can consume the data in a similar way.

tcshao
  • 136
  • 2
  • Tcshao, my methods for authentication is separated. Using Web API the performace will be ok? Is it secure? I will can make HTTP Post from Windows Forms? Thanks! – Michel Andrade Nov 10 '12 at 00:42
  • 1
    Adding another layer on any software will make it perform slower, but how noticable it is really depends on your system. Testing is really the only way to be sure. The security part goes beyond the scope of the question. It can be secure, but it requires some additional steps. And whatever technology you choose, you will have to deal with these concerns. – tcshao Nov 10 '12 at 00:51
  • Tcshao, connection directly in the data base is better? – Michel Andrade Nov 10 '12 at 00:56
  • I'm not quite sure what you are asking there. In regards to how to separate the logic your application, I would refer you to the link in balexandre's comment on your question. Ideally you would want your database, authentication, and presentation to not be dependent on each other, so whatever helps you get to that goal. – tcshao Nov 10 '12 at 01:51