Is it possible to use Windows client credentials for transport security between a windows forms-based client and self-hosted WCF service if the two machines are not in a domain together?
+1
A:
I am no expert on Windows authentication schemes in the wild, but I would assume that the server that implements a given service must have a way to validate the Windows credentials passed to it - either by being on the same domain and having access to the same Active Directory as the caller, or at least by having a trust relationship to the caller's domain (not sure if that'll work, though).
You most certainly cannot use Windows credentials if the caller and the server are on two totally separate Windows domains that aren't even in a trust relationship, IMHO.
Marc
marc_s
2009-05-21 19:05:36