Hi there
I was wondering whether it's possible to configure different security options for a single web service without differentiation of the URI. The service should support authentication based on Certificate on the Transport level and based on Username on the Message level. When I define two endpoints where each references its corresponding binding configuration but share the same URI I get the following exception:
Service cannot be started. enter code hereSystem.InvalidOperationException: A binding instance has already been associated to listen URI 'https://teinf0092.emea.zurich.test:8443/demo/PingService'. If two endpoints want to share the same ListenUri, they must also share the same binding object instance.
I don't want that a client must choose the URI dependent on the security policies.
I see two possible options. Either I hook into the processing chain in WCF (custom service behavior) and check whether the one or other policy is satisfied or I could somehow use WS-Policy.
Any thoughts on that? I'd prefer to configure everything within Web.config.
Thanks Oliver