Configuring WCF with Membership Provider

Damir Dobric Posts

Next talks:



Follow me on Twitter: #ddobric




Create Certificate

Firs of all you have to create a certificate, because credentials have to protected. This example shows how to create selfsigned certificate:

Create in local machine if you want to host a service under system account:

makecert.exe -sr LocalMachine -ss My -n CN=localhost -sky exchange -sk –pe

Create it in local store of the current user if the service will be hosted in context of the currently logged user:

makecert.exe -sr CurrentUser -ss My -n CN=localhost -sky exchange -sk –pe

This is the result if certificate has been created in localmachine.


Now, you can drag or export this certificate to the store of user who will run the client. The certificate has to be imported in Trusted People:


and the root CA (issuer of self signed certificate) should be dragged/imported in trusted authorities:


Service Configuration

Now, you have to configure service properly. Here is the sample configuration, which shows all you need:


IIS Authentication Settings


Client Configuration:

Following picture shows all you need in the client configuration:


Client Code:

HelloWorldServiceClient serviceClient = new HelloWorldServiceClient();
serviceClient.ClientCredentials.UserName.UserName = "username";
serviceClient.ClientCredentials.UserName.Password = "password!";

Message Sequence
Last but not least, here is the sequence of messages exchanged between client and service. As you see, before the action is invoked (QueryProcessObjects) there are few negotiation messages, which establish the new session.


Posted Apr 14 2009, 09:40 PM by Damir Dobric
Filed under:


Damir Dobric wrote re: Configuring WCF with Membership Provider
on 05-12-2009 13:43

Please note that if "AspNetCompatibilityMode" is enabled Service Model will properly authenticate by using of MembershipProvider, but it will NOT use RoleProvider anymore.

The result of this behavior is that CurrentProncipal.Identity has a valid user authenticated by membership provider, but the user will not have any role.

In other words, it doesn't work.

Peter wrote re: Configuring WCF with Membership Provider
on 06-17-2009 8:09

What happens when you pass an invalid user name and password. WCF takes ages to come back..... is there a way for WCF to return straight away, it's only checking against the provider anyway. is a .Net Community Blog powered by daenet GmbH.