Can you use a custom membership provider with userNamePasswordValidationMode?

Every example I see uses the default Membership Provider with the userNamePasswordValidationMode, but can I specify MembershipProvider for userNamePasswordValidationMode in the ServiceCredentials for a WCF REST Service if I have a Custom Membership Provider? Is the following route the best to take if this is possible:

1. Create a custom membership provider that implements Membership Provider.

2. Create a CustomUserNamePasswordValidator that implements UserNamePasswordValidator and override the Validate Method.

3. In t开发者_开发技巧he Validate method, validate whether a user exists in the database.

Issues I am having are, if I have a login method in my service and it is called from an a web browser with the url http://test.com/service.svc/login, how can I get the username and password. Assume that it the username and password can be typed into a web page or it can come from a smart device application (android, iphone, etc)

You should be able to: [HowToUseNonDefaultMembershipProvider][1] In Step 1 the page has two additional links, the first shows you how to build the membership provider class, the second shows the config entries necessary. While the second link talks about specifying the default provider you can actually specify any number of providers in the config, one of them would just happen to be the default:

<system.web>
    <membership defaultProvider="SqlProvider">
        <providers>
            <clear />
            <add name="SqlProvider"
  type="System.Web.Security.SqlMembershipProvider"
  connectionStringName="MySqlConnection"
  applicationName="MyApplication"
  enablePasswordRetrieval="false"
  enablePasswordReset="true"
  requiresQuestionAndAnswer="true"
  requiresUniqueEmail="true"
  passwordFormat="Hashed" />
            <add name="MyProvider"
                     type="MyCompany.MyNamespace.MyMembershipProvider" />
        </providers>
    </membership>
</system.web>

Now in the sample code from the link above you could have a line in the AuthenticationService_Authenticating method like so:

e.Authenticated = Membership.Providers["MyProvider"].ValidateUser(e.UserName, e.Password);

In your custom provider class you would implement the ValidateUser method. This could contain whatever logic necessary to validate the username & password (which are passed to the method).

[1]: http://How to: Use Non-default Membership Provider for WCF Authentication Service