How do I get a WCF service's WSDL to say that it requires basic authentication?

Question

We have a WCF service hosted on IIS behind a SiteMinder proxy (for lack of a better term). In essence, requests enter the SiteMinder at https://public.domain.com/SOA/Service.svc with http basic authentication. SiteMinder verifies the authentication, strips it off and sends a request to http://internal.domain/SOA/Service.svc with no authentication.

This presents two problems when querying the service WSDL:

1. The URLs within the WSDL show http: instead of https:
2. The WSDL doesn't make any mention of requiring basic authentication

I've been able to address concern #1 by implementing an IWsdlExportExtension that replaces the urls within the ExportEndpoint( method. I have not been able to figure out how to address problem #2 though. Can anyone out there point me in the right direction?

Thanks!

Answer 1

Since the authentication is not occurring where the service is hosted, the solution will be to hand-craft a WSDL file, and then tell WCF to reference it using externalmetadatalocation.

Answer 2

I was able to figure this out. I needed to use a customBinding, and provide my own IPolicyExportExtension, with this as the implementation of IPolicyExportExtension.ExportPolicy():

void IPolicyExportExtension.ExportPolicy(MetadataExporter exporter, PolicyConversionContext context) {
   XmlElement elem = doc.CreateElement("http", "BasicAuthentication", "http://schemas.microsoft.com/ws/06/2004/policy/http");
   context.GetBindingAssertions().Add(elem);
}