Firs of all you have to create a certificate, because credentials have to protected. This example shows how to create selfsigned certificate:
Create in local machine if you want to host a service under system account:
makecert.exe -sr LocalMachine -ss My -n CN=localhost -sky exchange -sk –pe
Create it in local store of the current user if the service will be hosted in context of the currently logged user:
makecert.exe -sr CurrentUser -ss My -n CN=localhost -sky exchange -sk –pe
This is the result if certificate has been created in localmachine.
Now, you can drag or export this certificate to the store of user who will run the client. The certificate has to be imported in Trusted People:
and the root CA (issuer of self signed certificate) should be dragged/imported in trusted authorities:
Now, you have to configure service properly. Here is the sample configuration, which shows all you need:
IIS Authentication Settings
Following picture shows all you need in the client configuration:
HelloWorldServiceClient serviceClient = new HelloWorldServiceClient();
serviceClient.ClientCredentials.UserName.UserName = "username";
serviceClient.ClientCredentials.UserName.Password = "password!";
Last but not least, here is the sequence of messages exchanged between client and service. As you see, before the action is invoked (QueryProcessObjects) there are few negotiation messages, which establish the new session.
Apr 14 2009, 09:40 PM