I'm fully aware of the insecurity of this approach, but have a justified need for Basic http authentication for a WCF hosted SOAP webservice. Is there really no way to make this work? Every method I've found of adding basic auth requires transport (https) security.
Asked
Active
Viewed 1,548 times
1 Answers
3
I think you're looking for "TransportCredentialOnly". See this MSDN article.
The binding would then look like this:
<bindings>
<basicHttpBinding>
<binding name="NewBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
</bindings>
The above code snippet was taken from this blog article on the topic.
Gabe
- 2,526
- 1
- 23
- 24
-
I'm actually trying this right now, not working yet but still need to try a couple things. thanks – Brady Moritz Oct 17 '11 at 01:08
-
Now I'm in business. Strangely, I'd run across this as a solution elsehwere, but everything I read indicated that HTTPS was still required. argh. Thanks man! I have a custom authentication provider now cranking along with this. – Brady Moritz Oct 17 '11 at 01:18
-
No problem, I'm glad you got something going! – Gabe Oct 17 '11 at 11:51