Windows Live Writer Authorization with custom AtomPub service

Question

I've been working lately on my own WCF AtomPub service (based on the example in the "WCF REST Starter Kit") for using WLW with my custom written blog. All basic actions such as adding, updating, retrieving and deleting an entry are working "fine". Although, right now I'm a little stuck when trying to implement the authentication. I can't seem to understand how WLW manages the authentication with AtomPub services.

I've tried to implement it on my side by checking the Authorization header. If not present sending the Unauthorized header etc... but their fails WLW on me. I also checked all headers send by WLW (for exemple when adding an entry) but I can't seem to find anything related to authentication.

I must say that the WCF service currently is hosted in the same site as my website. And the IIS authentication is set to Unauthorized and Forms. All others are disabled.

Can anyone help me into the right direction? Some interesting websites for example explaining this? (something I have missed in my searches on the web).

Thanks

Answer 1

I had to write an atompub service for the Live Writer about an year ago. These blog posts helped me a lot at that time: http://jcheng.wordpress.com/2007/10/15/how-wlw-speaks-atompub-introduction/. For your case you may look at part 2. In short - "Use Basic, Digest, or X-WSSE over HTTP or HTTPS". I used the basic authentication and had to use this library MADAM http://msdn.microsoft.com/en-us/library/aa479391.aspx to get forms and basic authentication work together. I hope this helps.