ManOnAMission
ManOnAMission

Reputation: 1043

How to set up WCF transport security using Windows for clients and service for security newbie?

I am pretty new to WCF services and especially to security - and am a bit overwhelmed by all the security options.

We are currently implementing a WCF service (both the service and clients) in an intranet running Windows machines. So I thought about using Windows credentials as transport security mechanism.

But I think I need some help on a few things:

  1. after adding the transport security settings in the config of the WCF service, the client config then contains after updating the service reference an element called userprincipalname. That confuses me as I thought the user would be the Windows user running the app, which calls the service, rather than some hardcoded value in the client config. So why is a user specified in the client config?

  2. and does Windows automatically pass the right user from the clients to the service or do I need to add any special code on the client side to "set" the right user? We would be calling the WCF service from a Windows Forms client.

    (We will be self hosting the service in a windows service if it matters - for testing I run the service under my own account.)

Thanks all!

Upvotes: 4

Views: 1650

Answers (2)

spse
spse

Reputation: 284

Have a look at this: http://msdn.microsoft.com/en-us/library/ms733089(v=vs.100).aspx

Has the configs for both, client and server.

Upvotes: 3

Related Questions