WCF security mode is TransportWithMessageCredential using UserName, where to validate?

Question

Hi,

Here is part of my web.config for my WCF service:

<bindings>
      <basicHttpBinding>
        <binding name="sslBinding">
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="UserName" algorithmSuite="Default" />
            <transport />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>

Where exactly do I check for the username when a client tries to consume my service? Is there some method I have to override to validate the username?

Answer 1

<behaviors>
        <serviceBehaviors>
          <behavior name="behavior">
            <serviceCredentials>
              <userNameAuthentication customUserNamePasswordValidatorType="myType, assembly" userNamePasswordValidationMode="Custom"/>
            </serviceCredentials>
          </behavior>
        </serviceBehaviors>