If Your Partner Applications Need to be Authenticated When Calling WCF Services, Use Client Certificate Authentication.

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

If you have partners that need to consume your services, consider using transport security with client certificate authentication. Client certificate authentication allows clients to authenticate without prompting for a username and password.

In order to support client certificate authentication, you will need to add a <clientCertificate> reference to the client config file. The following client config example links the client certificate to the binding:
    <behaviors>
      <endpointBehaviors>
        <behavior name="ClientCertificateBehavior">
          <clientCredentials>
            <clientCertificate findValue="client.com" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors> 

Last edited Jun 12, 2008 at 8:46 PM by prashantbansode, version 1

Comments

No comments yet.