WCF Service Cross Domain Authentication RRS feed

  • Question

  • I am struggling to find the right security option for the scenario I am trying to solve. I have two wcf services located in different domains. (I believe the domains have trust). I am using wshttpbinding (no I can't use basichttpbinding, and no-security is not an option).

    1) Scenario 1, Cross Domain (trust established)

    I am trying to accomplish it using message based security (transport is not an option because one of the wcf services is a router), with windows credential types. I am assuming this option should work if domains have trust.

    (Do App Pools for WCF Services in IIS must run under the same windows account?)

    Any other options would you recommend?

    2) Scenario 2, Cross Domain (no trust)

    If domains have no trust, is there anyway to authenticate without using certificates? Such as using UserName credentials without a certificate?

    Any other options would you recommend?

    Saturday, April 27, 2013 2:19 AM