views:

122

answers:

0

What should be specified on the client side?

Is this enough:

binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest; 
//...
cf.Credentials.HttpDigest.ClientCredential =  new NetworkCredential("myuser", "mypass", "mydomain");
cf.Credentials.HttpDigest.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;

What should be specified on the server side? obviously one needs:

binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest;

but where do one specify in the server the digest username\password to validate the client against?

In addition when Micosoft says that Digest Authentication uses the Domain Controller, what does it mean? Does it validate username\password against it?