I wrote a custom WCF binding a while back to allow my load balanced farm to host services via IIS. The reason for the custom binding was that each server didn't have SSL but needed the ability to accept a client credential of username + password. The proxy in front of this farm has SSL so the traffic would be encrypted outside the firewall. This custom binding works fine but now I'm at the point where I need to watch the traffic from my machine locally and wanted to do this w/out SSL in the mix.
The issue is this - on the .net client if I set my security mode = "TransportWithMessageCredential" I must have SSL else I get the fun error "invalid scheme, expected https"
Is it possible to write something custom for the client to "ignore" that SSL is missing but still let me pass the username + password via the SOAP header?