I'm trying to make a WP7 app which has to interact with WCF service.
What I want is to pass userName/password and see it in WCF service.
Service1Client proxy = new Service1Client();
proxy.ClientCredentials.UserName.UserName= "abc@email.com";
proxy.ClientCredentials.UserName.Password = "abc";
Code we tried in service to get authenticated name(but we got windows identity instead - MyPc\MyLogin)
HttpContext.Current.User.Identity.Name
Here is client config
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<!--<security mode="None" />-->
<security mode="TransportCredentialOnly">
<!--<transport clientCredentialType="Basic" />-->
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:45148/Service1.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService1" contract="ServiceReference1.IService1"
name="BasicHttpBinding_IService1" />
</client>
</system.serviceModel>
And here is server config
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors >
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WP7Service.WpfCustomValidator, WP7Service" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
Also I have cutom username validator, but it is never called
public class WpfCustomValidator :
System.IdentityModel.Selectors.UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (userName == null || password == null)
{
throw new ArgumentNullException();
}
var rf = WindsorAccessor.InitializeRepositoryFactory(userName);
if (!ValidateLogOn(rf, userName, password))
{
throw new FaultException("Incorrect Username or Password");
}
}
}
I want the answer to show how to configure client and service to be able to see ClientCredentials.UserName.UserName in service via HttpContext.Current.User.Identity.Name or via current thread identity(or any other way).
Dominick Baier shows you how do to do this on his blog.
Your custom validator code does not get called because the service is configured for clientCredentialType="None" - i.e. no authentication.