Mapping Credentials to Authentication Schemes

You may have noticed that an HTTP binding is configured with an HttpClientCredentialType whereas an HTTP binding element is configured with an AuthenticationScheme. How are these two settings related? If you want to switch between a custom binding and a standard binding for HTTP, then you need to know how to do the translation.

Here's how client credentials map to authentication schemes:

- HttpClientCredentialType.None becomes AuthenticationSchemes.Anonymous

HttpClientCredentialType.Certificate also becomes AuthenticationSchemes.Anonymous. Certificates are used with HTTPS rather than as authentication credentials on top of HTTP. This will be caught in validation if you try to use certificates with the TransportCredentialOnly security mode.  
  • HttpClientCredentialType.Basic becomes AuthenticationSchemes.Basic
  • HttpClientCredentialType.Digest becomes AuthenticationSchemes.Digest
  • HttpClientCredentialType.Ntlm becomes AuthenticationSchemes.Ntlm
  • HttpClientCredentialType.Windows becomes AuthenticationSchemes.Negotiate

Translation works the same way with proxy credentials and the proxy authentication scheme except that proxies don't have to worry about the issue with certificates.

Next time: Get a Real XML Parser

Comments

  • Anonymous
    December 31, 2007
    I need to make many simultaneous HTTP calls to the same service from my client application. How do I

  • Anonymous
    April 19, 2008
    This is a digest of WCF Security resources I was collecting for some time. Drop me a comment in case

  • Anonymous
    May 11, 2008
    This is a digest of WCF Security resources I was collecting for some time. Drop me a comment in case it is useful.