After several MSDN articles, I had client certificates and username passwords working for my WCF service. The client needed a certificate, username and password to access my service.
Recently, the certificate stops working, I can access the service without providing a client certificate. I use the SOAP interface to test the client. Usually I have to add the client certificate to the keystore, and then specify which key to use for the request.
I recently set up a test, and I did not need to provide a client certificate. Nothing in my conifg has changed. Is it configured correctly?
Thanks.
My Binding Config:
<wsHttpBinding> <binding name="BasicBinding"> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="Certificate" /> <message clientCredentialType="UserName" negotiateServiceCredential="false" establishSecurityContext="false" /> </security> </binding> </wsHttpBinding>
My service:
<service behaviorConfiguration="APIServiceBehaviour" name="Service"> <endpoint address="api" binding="wsHttpBinding" bindingConfiguration="BasicBinding" name="soap-api" bindingNamespace="https://myserver.com" contract="IAIService" /> <host> <baseAddresses> <add baseAddress="https://myserver.com" /> </baseAddresses> </host> </service>
Behavior:
<serviceAuthorization principalPermissionMode="Custom"> <authorizationPolicies> <add policyType="MyAuthorizationPolicy,MyProject" /> </authorizationPolicies> </serviceAuthorization> <serviceCredentials> <serviceCertificate findValue="tempSClient" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" /> <userNameAuthentication userNamePasswordValidationMode="Custom" includeWindowsGroups="false" customUserNamePasswordValidatorType="MyProject.UserAuth,MyProject" /> </serviceCredentials> </behavior>
Allan
source share