none
Small file transfer with duplex contract and custom authentication RRS feed

  • Question

  • Hi

    Is it possible to transfer small files between a WCF server and WCF client that are configured with a duplex contract and custom authentication?

    My goal was to have all traffic including file transfer travel over my secure WCF channel.

    Wednesday, August 14, 2013 2:03 AM

Answers

  • Hi,

    Please try to use Custom User Name password Validater on the WSDualHttpBinding.

    Settings to be added on Binding:
     
    WSDualHttpBinding binding = new WSDualHttpBinding();
    binding.Security.Mode = WSDualHttpSecurityMode.Message;
    binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
    Settings to be added on Host:
    ServiceHost host = new ServiceHost(typeof(MyService), serviceEndPointAddress);
    host.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = System.ServiceModel.Security.UserNamePasswordValidationMode.Custom;
    host.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new MyUserNamePasswordValidator();
    //MyUserNamePasswordValidator should be derived from UserNamePasswordValidator.Override Validate method.

    As the client sends username and password. It has to trust the server. Trust will be established by mutual certificate authentication.  

    Please use makecert tool to create a self signed certificate.
    If you want to know more about certificate management, please try to refer to:
    Then you need to configure your server to use the certificate:

    host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectDistinguishedName, "CN=MyCert"); host.Credentials.IssuedTokenAuthentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None; host.Credentials.IssuedTokenAuthentication.RevocationMode = X509RevocationMode.NoCheck; host.Credentials.IssuedTokenAuthentication.TrustedStoreLocation = StoreLocation.LocalMachine;

    Then you need to configure your client to use same certificate:

    <endpoint address="http://localhost:8070/MyService.svc"
           binding="wsDualHttpBinding" bindingConfiguration=""
           contract="" name="WSDualHttpBinding_MyService"
            behaviorConfiguration="">
    
            <identity>
             <dns value="MyCert"/>
            </identity>

    Now if you run server and client. The client credentials added in client will be seen in MyUsernamePassword Validater's Validate Method

    Best Regards.


    Amy Peng
    MSDN Community Support | Feedback to us
    Develop and promote your apps in Windows Store
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.



    Thursday, August 15, 2013 3:47 AM
    Moderator