Authentication in WCF

The following topics show a number of different mechanisms in Windows Communication Foundation (WCF) that provide authentication, for example, Windows authentication, X.509 certificates, and user name and passwords.

In This Section

How to: Use the ASP.NET Membership Provider
ASP.NET features include a membership and role provider, a database to store user name/password pairs for authentication, and user roles for authorization. This topic explains how WCF services can use the same database to authenticate and authorize users.

How to: Use a Custom User Name and Password Validator
Demonstrates how to integrate a custom user name/password validator.

Service Identity and Authentication
As an extra safeguard, a client can authenticate the service by specifying the expected identity of the service. If the expected identity and the identity returned by the service do not match, authentication fails.

Security Negotiation and Timeouts
Describes how to use the NegotiationTimeout property in the LocalServiceSecuritySettings class.

Debugging Windows Authentication Errors
Focuses on common problems encountered when using Windows authentication.



Common Security Scenarios

See also