If you got it, it’s easy. If you’re starting from scratch, it ain’t as easy. We were in need of such a username + password authentication, so I started googling around.
I found several articles but had to mash it all together in a trial-and-error session. Now that I am enlightened, I want to share my knowledge:
Step 1: Implement a UserNamePasswordValidator class and override the Validate method.
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.IdentityModel.Tokens;
    using System.IdentityModel.Selectors;

    namespace sones.Pandora.Database.Hosting
    {
        public class UserNamePasswordAuthentification : UserNamePasswordValidator
        {
            // WCF calls Validate for every request that carries username/password credentials.
            public override void Validate(string userName, string password)
            {
                // Placeholder check against fixed demo credentials.
                if ((userName != "Username") || (password != "Password"))
                {
                    // Throwing rejects the caller; returning normally accepts the credentials.
                    throw new SecurityTokenException("Validation Failed!");
                }
            }
        }
    }
Step 2: Edit the App.config file to enable the previously implemented UserNamePasswordValidator. The elements below go inside the <system.serviceModel> section.
    <bindings>
      <basicHttpBinding>
        <binding name="CustomAuthentication">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Basic" proxyCredentialType="Basic"/>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="SecurityBehavior">
          <serviceCredentials>
            <userNameAuthentication
                userNamePasswordValidationMode="Custom"
                customUserNamePasswordValidatorType="sones.Pandora.Database.Hosting.UserNamePasswordAuthentification, PandoraDB_WebServiceHost_UsernamePasswordAuth"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service behaviorConfiguration="SecurityBehavior"
               name="sones.Pandora.Database.Hosting.PandoraDatabaseHost">
        <endpoint address=""
                  binding="basicHttpBinding"
                  bindingConfiguration="CustomAuthentication"
                  name="ep1"
                  contract="sones.Pandora.Database.Hosting.IPandoraDatabaseHost" />
      </service>
    </services>
In this example the ServiceHost uses no server SSL certificate and therefore allows plain HTTP access instead of HTTPS only. With TransportCredentialOnly the Basic credentials are sent base64-encoded but unencrypted. You can configure that behavior with the <security mode="TransportCredentialOnly"> line: change the mode there, define an appropriate certificate, and you’re good to go with HTTPS / SSL.