wpfwannabe

Reputation: 14877

Making WCF service run over HTTP with simple user config based authentication

I've looked up and down and I can't seem to find a way to have a simple WCF service (with either basicHttpBinding or wsHttpBinding) authenticate against this sort of config:

<authentication mode="Forms">
  <forms cookieless="UseCookies">
    <credentials passwordFormat="Clear">
      <user name="test" password="pass"/>
    </credentials>
  </forms>
</authentication>

Basically, I want to hardcode a simple user/pass (don't ask why) and make sure my WCF service uses this.

On the client side I have this:

client.ClientCredentials.UserName.UserName = "test";
client.ClientCredentials.UserName.Password = "pass";

But the credentials do not seem to get passed on. The HttpContext.Current.User.Identity is never authenticated on the WCF side.

I've tried playing with the settings below trying to use everything from None, Transport, Message... but only None seems to let the service run (but no credentials are being sent/used). Other settings seem to require an X509 certificate (as I've found out in this great example).

  <wsHttpBinding>
    <binding name="userHttp">
      <security mode="None">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>

So, all in all... I want to create a very simple WCF service (that runs over HTTP - not HTTPS) with even simpler plain text username/password authentication. Should be possible but I am already lost. The best solution involves honoring <user /> entries but I'd be happy with any other simple implementation. It doesn't need to use cookies. As far as I am concerned it may as well send username/password on each service method call.

Upvotes: 0

Views: 945

Answers (1)

Yaron Naveh

Reputation: 24426

If you want to send user/pass in the message level without SSL then use ClearUsernameBinding. If you want the same in the transport level then use TransportCredentialOnly.

<binding name="BasicHttpEndpointBinding">
  <security mode="TransportCredentialOnly">
    <transport clientCredentialType="Windows" />
  </security>
</binding>

Upvotes: 2
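
An added example, not part of the answer above or of any project it mentions: one way to have the service check a UserName credential against the `<user />` entries from the question is a custom `UserNamePasswordValidator` that delegates to `FormsAuthentication.Authenticate`. The namespace, class and assembly names are hypothetical. It assumes an IIS-hosted service whose web.config contains the `<credentials>` section shown in the question and a binding that actually delivers a UserName token to the service; over plain HTTP that token, password included, is sent in clear text.

```csharp
// Added example (not from the original post). Requires references to
// System.IdentityModel.dll, System.ServiceModel.dll and System.Web.dll.
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Web.Security;

namespace Example.Wcf // hypothetical namespace
{
    // Wiring (web.config, inside
    // <system.serviceModel><behaviors><serviceBehaviors><behavior>):
    //
    //   <serviceCredentials>
    //     <userNameAuthentication
    //         userNamePasswordValidationMode="Custom"
    //         customUserNamePasswordValidatorType=
    //             "Example.Wcf.ConfigUserValidator, Example.Wcf" />
    //   </serviceCredentials>
    //
    // "Example.Wcf" as the assembly name is an assumption; use the assembly
    // that contains this class.
    public sealed class ConfigUserValidator : UserNamePasswordValidator
    {
        // WCF calls Validate once for every UserName credential it receives.
        // Returning normally accepts the caller; throwing rejects the request
        // before any service operation runs.
        public override void Validate(string userName, string password)
        {
            if (string.IsNullOrEmpty(userName) || password == null)
            {
                throw new SecurityTokenException("Missing credentials.");
            }

            // FormsAuthentication.Authenticate compares the pair with the
            // <forms><credentials><user name="..." password="..."/> entries,
            // honoring the configured passwordFormat (Clear, SHA1 or MD5).
            // It is marked obsolete from .NET 4.5 on but still works.
            if (!FormsAuthentication.Authenticate(userName, password))
            {
                // Same message for unknown user and wrong password, so the
                // response does not reveal which user names exist.
                throw new SecurityTokenException(
                    "Unknown user name or incorrect password.");
            }
        }
    }
}
```

With this validator the authenticated name is available through `ServiceSecurityContext.Current.PrimaryIdentity`; `HttpContext.Current.User` is not populated by it.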
