Authenticating WCF Service Over HTTPS by User Name and Password

Here, I will talk about authenticating a Windows Communication Service by user name and password.

I describe this as Custom Authentication. There are a few more options for authenticating a WCF service. We will however discuss only custom authentication.

The following describes how to set up a WCF service to authenticate by user name and password.

Create a WCF service application using Visual Studio as in the following:

WCF service application

To authenticate the service we need to use the UserNamePasswordValidator base class that validates the user name and password.

So, create a class called UserNamePasswordValidator as shown below.

Create a class

Modify the web configuration file as in the following:

Modify the web configuration file

Here, I have configured it for basicHttpBinding with security mode TransportWithMessageCredential.
You can use wsHttpBinding as well. But, right now I guess it is not supported by Windows 8 store applications. So, use basicHttpBinding with security level "Message".

Also, in the UserNameAuthentication section set UserPasswordValidationMode to "Custom" and the custom class you created for authenticating the service and the assembly name of your application that contains the custom authentication class.

Adding service reference to the client project

Adding service reference

Calling service method with passing credentials

Service1Client c = new Service1Client ();

c.ClientCredentials.UserName.UserName = "";

c.ClientCredentials.UserName.Password = "";

var t = await c. GetData (1);

So, it will authenticate the service call by using credentials and send the results back to the client.