I have implemented a WCF service that uses a TransportWithMessageCredential binding and a custom UserNamePasswordValidator.
I have a Silverlight 3 client connecting to this service. If I set valid credentials it works perfect, however, in the username validator I throw a SecurityTokenException if the username and password does not match.
Now I have implemented a dummy service call just to verify the credentials, is there a "nicer" way of checking the credentials. A service method that accept username and password and returns true/false doesn't feel safe.