arnold park

I've founded that using Transport security, i can map client certificate to windows account.

here's some link.

http://www.newtelligence.com/staff/sergeys/WCFIISCertificatesAuthorization.aspx

But is it possible do the same thing using message security

Show me the way.



Re: Windows Communication Foundation (Indigo) Map Client Certificate to Windows Account with message security

Suwatch

WCF has a feeature to allow mapping certificate to windows account. The certificate has to be associated with Windows account at ActiveDirectory. See below link for more info.

http://msdn2.microsoft.com/en-us/library/system.servicemodel.security.x509clientcertificateauthentication.mapclientcertificatetowindowsaccount.aspx

If you want to map arbitrary certificate to arbitrary account, you have to provide the custom X509SecurityTokenAuthenticator. See below link about custom token extensibility for detail.

http://msdn2.microsoft.com/en-us/library/ms730868.aspx

Cheers,






Re: Windows Communication Foundation (Indigo) Map Client Certificate to Windows Account with message security

Rick G. Garibay

Hi Suwatch,

Can you please elaborate on this technique Where is the Windows account to map to specified In other words, once you add the following configuration, where do you specify the certificate to account map

<serviceCredentials>
<clientCertificate>
<authentication mapClientCertificateToWindowsAccount='true'/>
</clientCertificate>
</serviceCredentials>

Thanks,


Rick