WCF Secured Using Membership Provider, but getting certificate error

开发者 https://www.devze.com 2023-02-11 16:49 出处：网络

I\'ve created a custom membership provider and I am trying to use it to secure my WCF service. But, I am getting this error:

I've created a custom membership provider and I am trying to use it to secure my WCF service. But, I am getting this error:

The service certificate is not provided. Specify a service certificate in ServiceCredentials.

I don't want to use an x509 certificate. How can I get this working?

Here is my service config:

<?xml version="1.0"?>

<bindings>
  <wsHttpBinding>
    <binding name="wsHttpBinding1" maxBufferPoolSize="2147483647"
      maxReceivedMessageSize="2147483647">
      <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
        maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
      <security mode="Message">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<services>
  <service name="UpdateService.UpdateService" behaviorConfiguration="ASPNETProviders">
    <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding1"
      contract="UpdateService.IUpdateService" />
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="ASPNETProviders">
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="myUpdateMembershipProvider"/>            
      </serviceCredentials>
    </behavior>
    <behavior>          
      <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
      <serviceMetadata httpGetEnabled="true" />
      <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
  multipleSiteBindingsEnabled="true" />

UPDATE

This blog post, enter link description here, says:

[When] you opt in for the UserName client credential type, WCF insists that y开发者_Go百科our service must also reference a service certificate that contains a private key.

I am going to host my service in IIS and plan to use SSL certificate in the web site for encrypting communication. Can I make WCF not insist that I reference a service certificate?

It seems that Microsoft really, really wants me to use a certificate.

Someone developed a Clear Username Binding for my situation, but I think I may just surrender and use a certificate.

Have you try to create a custom credential validator ? See this : http://nayyeri.net/custom-username-and-password-authentication-in-wcf-3-5