Using WCF to create a RESTful Web Service that requires authentication and uses JSON as input/output format

Question

I want to port an existing ASP.NET Web Service to WCF so the resulting Web Service (1) is RESTful, (2) uses JSON as its request/response format, (3) has a custom authentication mechanism.

After a lot of googling, random coding, and wanting to hit my head against the wall, I found that...

1. A webHttpBinding has to be used to make the Web Service RESTful. But...

   1. webHttpBinding does not support HTTPS hosts.

   2. webHttpBinding does not support UserName authentication.

   3. webHttpBinding does not even support message security.

2. An endpoint behavior with <enableWebScript/> has to be used to support ASP.NET AJAX. But...

   1. What is "ASP.NET" AJAX?

   2. What if I want to consume the Web Service using "regular" AJAX?

And, most importantly...

1. Can WCF do what I want to do in first place?

2. If not, what other platforms could I use?

Answer 1

I've written WCF service that does both SOAP and REST with XML and JSON, and custom auth. I've pushed the custom authentication into HTTP module, which does basic auth over https. See Custom HTTP Basic Authentication for ASP.NET Web Services on .NET 3.5/VS 2008 and WCF POX, JSON and SOAP Coexist.

Answer 2

In the setup you describe, the web servier (i.e. IIS) will be responsible for encryption (HTTPS) and authentication (e.g. basic authentiction). IIS can be extended with a custom authentication mechanism (just google for "IIS module handler").

It's a bit strange that it has to be delegated to IIS and is not part of WCF. But it's no problem at all.