I am developing a server application using WCF to expose WebService endpoints for clients. I want to implement authentication through a simple custom provider that will use the username and password passed through the SOAP headers. I know how to set the user name and password to be sent on the client, I just want to know how to pull the username and password out of the SOAP header on the server side. Any help would be greatly appreciated.
+3
A:
You need to specify the username and password validator in the service behavior
<behavior name="MyServiceBehavior">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="MyNamespace.MyUserNamePasswordValidator, MyDll" />
</serviceCredentials>
</behavior>
you can access the user name and password from MyUserNamePasswordValidator class
public class MyUserNamePasswordValidator : UserNamePasswordValidator
{
public override void Validate( string userName, string password )
{
// valid your password here
}
}
codemeit
2008-11-26 22:11:56
I follow your tips but a can't get the method Validate called. I need send a UserName and Password without requiring HTTPS and without requiring a certificate installed on the server, using the basicHttpBinding.
Lester
2010-07-27 18:35:38