Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>You can use the <a href="http://msdn.microsoft.com/en-us/library/ms731299.aspx" rel="nofollow">wsHttpBinding</a> for passing credentials to your service, this will however at the very least require you to send the credentials with message security. You can combine this with anonymous authentication in IIS. This way, everyone can access the service on a transport level, but you'll be able to handle the credentials yourself.</p> <p>To expand, I have a WCF service running in IIS with HTTPS and anonymous authentication. In my web.config I've set up a wsHttpBinding, like this:</p> <pre><code>&lt;bindings&gt; &lt;wsHttpBinding&gt; &lt;binding name="CredentialsBinding" /&gt; &lt;security mode="TransportWithMessageCredential"&gt; &lt;message clientCredentialType="UserName" algorithmSuite="Default" /&gt; &lt;/security&gt; &lt;/binding&gt; &lt;/wsHttpBinding&gt; &lt;/bindings&gt; </code></pre> <p>In my behaviors, I've set up a servicebehavior for a custom username/password validator, like so:</p> <pre><code>&lt;behaviors&gt; &lt;serviceBehaviors&gt; &lt;behavior name="DefaultBehavior"&gt; &lt;serviceCredentials&gt; &lt;userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyNamespace.CredentialValidator, MyNamespace"/&gt; &lt;/serviceCredentials&gt; &lt;/behavior&gt; &lt;/serviceBehaviors&gt; &lt;/behaviors&gt; </code></pre> <p>The validator looks like this:</p> <pre><code>namespace MyNamespace.CredentialValidator { public class CredentialValidator: UserNamePasswordValidator { public override void Validate(string userName, string password) { // you can now handle the username and password passed to your service // with a wsHttpBinding through HTTPS } } } </code></pre> <p>--EDIT</p> <p>Rory Primrose describes what you're probably looking for in his article <a href="http://www.neovolve.com/post/2008/04/07/wcf-security-getting-the-password-of-the-user.aspx" rel="nofollow">WCF Security: Getting the password of the user</a>, using a CustomUserNameSecurityTokenAuthenticator to get the password for further use.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload