I am new to WCF services and especially in the field of security - and a little overloaded with all the security settings.
We are currently deploying a WCF service (both service and clients) on an intranet with Windows computers. So I was thinking about using Windows credentials as a transport security mechanism.
But I think I need help with a few things:
after adding transport security settings to the WCF service configuration, the client configuration then contains, after updating the service link, an element called userprincipalname. This bothers me because I thought the user would be a Windows user running an application that calls a service, not some solid value in the client configuration. So why is the user specified in the client configuration?
and Windows automatically transfers the correct user from clients to the service, or do I need to add some special code on the client side to "install" the right user? We will call the WCF service from the Windows Forms client.
(We will place the service in the Windows service on our own, if it matters - for testing, I start the service under my account.)
Thanks everyone!
source share