O'Reilly logo

Microsoft Windows Communication Foundation 4.0 Cookbook for Developing SOA Applications by Steven Cheng

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Sending a clear text username token over unsecured HTTP transport

For a WCF service endpoint that uses the username authentication type, it requires, by default, the service endpoint to secure the service channel through either message-layer or transport-layer security. In other words, we need to either use the HTTPS transport protocol or message-layer signing and encryption to make the service endpoint able to transfer a username token. However, for some very special cases, we might need to send clear text username/password credentials (for username authentication) over an unsecured HTTP channel. Though this is not supported out of the box, there still exists some workarounds that can help us achieve this. Yaron Naveh has created ClearUsernameBinding ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required