locked
How to specify username/password in client app.config to access WCF service RRS feed

  • Question

  • I have a WCF service configured to use a custom user name/password validator (as described in MSDN library How to: Use a Custom User Name and Password Validator).  My custom validator expects a text username/password.

    OK, so how do I specify the username/password in the client's app.config?  I had expected to be able to use clientCredentials, like...

    <endpointBehaviors>

       <behavior name="mybehavior">

           <clientCredentials type="????" />

    But I can't find any examples of how to specify a plain-text username/password in clientCredentials.

    Or am I going down the wrong path?

    (yes, I know this isn't secure... it's something we need internally only for our dev team... not everyone is on the domain, so we can't use Windows authentication).

    Thanks,

    DadCat

     

     

    Tuesday, January 24, 2012 5:05 PM

Answers

  • DadCat,
    You can't do this in configuration for username/password, probably because no one likes to see passwords in a configuration file... (you can if you use a certificate for example).
     
     
    You have to set it in code like this:
     
    proxy.ClientCredentials.UserName.UserName = username;
    proxy.ClientCredentials.UserName.Password = password;
    
     
    If you don't care about passwords in the config file you can add the username and password to the app.config (or web.config), read them in code, and set them as shown above.

    If this post answers your quenstion, please mark it as such. If this post is helpful, click 'Vote as helpful'.
    • Edited by Peter Borremans Tuesday, January 24, 2012 6:09 PM
    • Marked as answer by DadCat Tuesday, January 24, 2012 6:51 PM
    Tuesday, January 24, 2012 6:05 PM

All replies

  • DadCat,
    You can't do this in configuration for username/password, probably because no one likes to see passwords in a configuration file... (you can if you use a certificate for example).
     
     
    You have to set it in code like this:
     
    proxy.ClientCredentials.UserName.UserName = username;
    proxy.ClientCredentials.UserName.Password = password;
    
     
    If you don't care about passwords in the config file you can add the username and password to the app.config (or web.config), read them in code, and set them as shown above.

    If this post answers your quenstion, please mark it as such. If this post is helpful, click 'Vote as helpful'.
    • Edited by Peter Borremans Tuesday, January 24, 2012 6:09 PM
    • Marked as answer by DadCat Tuesday, January 24, 2012 6:51 PM
    Tuesday, January 24, 2012 6:05 PM
  • That was what I feared.

    Which means we have to make code changes to a production app in order to accomodate an "environmental" issue that's only applicable to developers.

    So much for "declarative" configuration!

    Thanks,

    DadCat

     

     

    Tuesday, January 24, 2012 6:51 PM
  • Thats true DadCat. Its also my concern. I don't want to specify anything in the code. Later if there is any change in userid/password we can seamlessly change them in the config file without the need to change the production dll.

    Raj

    Monday, December 3, 2012 8:33 PM