This project is read-only.

If You Need to Support Interoperability, Consider Setting negotiateServiceCredentials to False

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

If you need to support clients which does not understand the WS-Trust and WS-SecureConversation, set the negotiateServiceCredentials attribute to False.

For Anonymous, Username or Certificate client credential types, setting this property to false implies that the service certificate must be available at the client out of band and that the client must specify the service's certificate to use. In the case of Windows credentials, setting this property to false causes an authentication based on KerberosToken. This requires that the client and service be part of a Kerberos domain.

Here is a configuration example:
  <binding name="MessageAndUserName">
    <security mode="Message">
      <message clientCredentialType="UserName" negotiateCredentials=”false” algorithmSuite="Default" />

Additional Resources

Last edited Jun 13, 2008 at 12:23 AM by prashantbansode, version 1


No comments yet.