Authentication with HTTPS in WCF
Authentication with HTTPS in WCF
By : Kasim Wirama, MCDBA, MVP SQL Server
Message encryption should be combined with authentication and authorization wcf client by wcf service. Usually message level security provides authentication, so wcf service can authenticate user by getting result from Thread.CurrentPrincipal, let say you want to get username of wcf client, you can get information from Thread.CurrentPrincipal.Identity.Name.
This article will give idea how to configure authentication with https with basicHttpBinding. Https works over transport mode. When you configure configuration for basic http binding, on security tab, you set TransportClientCredentialType property from None to one of this options, Windows, Basic, Digest, Ntlm, or Certificate. For intranet environment, Windows credential type is preferred to, and for internet environment, Certificate credential type is suitable and most secure one.
If you configure TransportClientCredentialType to Windows, wcf client will provide its identity to wcf service for authentication purpose, or alternatively wcf client will provide different identity to wcf service by setting up windows username, password, and domain through .NET windows identity on proxy object below :
<object proxy>.ClientCredentials.Windows.ClientCredentials.UserName
<object proxy>.ClientCredentials.Windows.ClientCredentials.Password
<object proxy>.ClientCredentials.Windows.ClientCredentials.Domain
If you configure TransportClientCredentialType to Basic authentication, wcf client explicitly provide user name and password through command line below :
<object proxy>.ClientCredentials.UserName.UserName
<object proxy>.ClientCredentials.UserName.Password.