Proper authentication and how to set it

Question

Dear all,

I have the following scenario :
====================

I have a set of services wich are hosted as NT servvices and IIS/WAS hosting, lest call those 2 sets of services WCF_NT service and WCF_IIS service
WCF_NT service and WCF_IIS service are on the same machine. Lets call it LOCAL
WCF_NT service is running as a Local service account and WCF_IIS services are runing under NETWORK SERVICE account

The LOCAL machine is not connected to any domain, for time beeing it is essentially in a WORGROUP environement

I have then a client application , lest call it LOCAL_CLIENT_ APP which consumes those services and run on the same machine as services.
So far so good

My customer demand is to get the CLIENT_APP to be installed on its network OFFICE_PC and be able to consume services from LOCAL machine

So based on that the idea is that I need to find out the proper simple solution to autheticate the client app from OFFICE PC into services located under LOCAL machine

So first of all as I am in a workgroup environement I will have to get a defaut account, like for instance REMOTE which will be use from office PC to authenticate Local PC as the first normal user authentication

Then after this I will have to authenticate the REMOTE client user to the LOCAL machine against local services  either in NT service or IIS

So procedure will be then as follow :

- User in OFFICE-PC run the client application as REMOTE user
- As the user REMOTE will exist on local machine, OFFICE PC is able to connect to LOCAL PC
- Then when the client application has started, the REMOTE user needs to be able to access either WCF_NT or WCF_IIS

I am using netTcpbnding on both side client and service config

1- How can I configured the client credential in order that any remote use could access my WCF_NT service and WCF_IIS ?
2- Does the configuration can be done only inside config file or do I have to modified my services code ?
3- Does mutual authentication would be simpler way to go ?
4- Does certificate will be better to handle that Windows token ?

What ever the choice is do I have to code set the client credential in code or can it be used from config only ?

Thnaks for your help
serge

---

Your experience is build from the one of others

Answer 1

Hi Serge,

1. Please have a look at this document. There are some How-to articles for your reference about setting up authentication.
http://msdn.microsoft.com/en-us/library/cc949034.aspx

There is one article How to: Create and Install Temporary Certificates in WCF for Message Security During Development. It should give you good start for authentication.
http://msdn.microsoft.com/en-us/library/cc949011.aspx

2. You can set certificate information in code or configuration for authentication. Have a look at this article about one sample for your reference.
http://www.codeproject.com/KB/WCF/wcf_certificates.aspx?display=Print

---

Best regards,
Riquel
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.