none
WCF SERVER SIDE USERNAME +CLIENT AUTHENTICATION BOTH USING NETTCPBINDING RRS feed

  • Question

  • MY SELF HOSTING App.Config

    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
      <system.serviceModel>

        <services>

            <service name="WcfService1.Service1" behaviorConfiguration="CustomValidator" >
            <endpoint address=""  binding="customBinding"  bindingConfiguration="custom" name="custom" contract="WcfService1.IService1"  />


              <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />

              <host>
                <baseAddresses>
                  <add baseAddress="https://localhost:8089/TestWCFService" />
                </baseAddresses>
              </host>

          </service>
        </services>

        <bindings>
          <customBinding>
            <binding name="custom">
              <security authenticationMode="UserNameOverTransport"/>
              <textMessageEncoding messageVersion="Soap11WSAddressing10"/>
              <httpsTransport requireClientCertificate="true"/>
            </binding>
          </customBinding>
        </bindings>


        <behaviors>
          <serviceBehaviors>
            <behavior name="CustomValidator">
              <serviceMetadata httpsGetEnabled="true" httpsGetUrl=""/>
              <serviceDebug includeExceptionDetailInFaults="true" />
              <serviceCredentials>
                <userNameAuthentication
                userNamePasswordValidationMode="Custom"
                customUserNamePasswordValidatorType="WcfService1.CustomUserNameValidator, WcfService1"/>
                <clientCertificate>
                  <authentication certificateValidationMode="Custom" customCertificateValidatorType="WcfService1.Certificatevalidator,WcfService1"/>
                </clientCertificate>
              </serviceCredentials>
            </behavior>
          </serviceBehaviors >
        </behaviors >
      </system.serviceModel>
    </configuration>

    SERVICE :

     public class CustomUserNameValidator : UserNamePasswordValidator
        {

           
            public override void Validate(string userName, string password)
            {
               
                    // peform
                    if (null == userName || null == password)
                    {
                        throw new ArgumentNullException();
                    }

                    if (!(userName == "test" && password == "test"))
                    {
                      
                        throw new SecurityTokenException("Unknown Username or Incorrect Password");
                       
                    }
                }
               
            }
        public class Certificatevalidator : X509CertificateValidator
        {
            public override void Validate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate)
            {
                if (certificate == null)
                {
                    throw new ArgumentNullException("certificate");

                }


                if (certificate.Thumbprint == "6eb7956980e0b096299d183a3765b92d02da39b9".ToUpper())
                {
                }
                else
                {
                    throw new System.IdentityModel.Tokens.SecurityTokenValidationException("Certificate was not issued by trusted issuer");
                }

                }
              
            }
    i have already implemented using https protocol..but i want to implement it using net.tcp protocol.Modify my app.config where i can implement net.tcp

    note: i want authentication both clientside and server both like my appconfig.similar work i did with https but now want implement it net.tcp.modify my config and help me to achieve my task.

    ADVANCE THANKS FOR HELP


    qasim

    Tuesday, May 7, 2013 5:54 PM

All replies

  • Hi,

    It likely that you want to do custom Username/Password authentication with NetTcpBinding, but here you need specify security mode as "Message", since Tcp/Ip does not have UserName/Password style transport layer security like Http has, if you use "Transport" mode, it will relies completely on certificates for authentication. Refer examples from below references.

    #WCF Security: NetTcpBinding with custom UserName/Password authentication

    http://blog.rees.biz/2011/02/wcf-security-nettcpbinding-with-custom.html

    #How to: WCF and custom Authentication (username/password)

    http://blog.clauskonrad.net/2011/03/how-to-wcf-and-custom-authentication.html

    Best Regards.


    Haixia
    MSDN Community Support | Feedback to us
    Develop and promote your apps in Windows Store
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Wednesday, May 8, 2013 7:30 AM
    Moderator
  • you want to do custom Username/Password authentication with NetTcpBinding. i never mention this.

    i said i need help to username/password authentication +client certificate authentication both together

    WCF SERVER SIDE USERNAME +CLIENT AUTHENTICATION BOTH USING NETTCPBINDING

    not only username/password authentication....i have done username/password authentication +server certificate

    but need help to achieve username/password authentication +client certificate authentication both using nettcp


    qasim

    Thursday, May 9, 2013 8:00 AM
  • Hi,

    >>but need help to achieve username/password authentication +client certificate authentication both using nettcp

    Why do you need authenticate the service based on both username/password and certificate? Isn't it a duplication? If you need multipule claims you probably need to look into claims based authentication.

    >>not only username/password authentication....i have done username/password authentication +server certificate

    Yes, if you use custom Username/Password authentication, it also needs a service certificate.

    Best Regards.


    Haixia
    MSDN Community Support | Feedback to us
    Develop and promote your apps in Windows Store
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Saturday, May 11, 2013 10:54 AM
    Moderator
  • i dnt want server certificae..already mention client certificate.

    username authentication+ .server certificate+clientcertificate using custom nettcpbinding.i hope now u will understand wat i want


    qasim

    Sunday, May 12, 2013 4:09 PM