Basic Authentication

It is possible to have a wcf with basic authentication.

For this the service needs to be configured with a behavior and the enpoint needs a binding configuration.

Example:

<!-- For use with Retail DMA -->
<service behaviorConfiguration="BasicAuthServiceBehavior" 
      name="RetailOrderInstructionService">
	<endpoint address="" binding="webHttpBinding" 
  	    contract="Kodi.Kodiak.Services.IRetailOrderInstructionService" 
		behaviorConfiguration="rest" 
	    bindingConfiguration="WebHttpsMessageCredentialBinding"/>
</service>

Service BehaviorConfiguration

<behaviors>
	<serviceBehaviors>
	<behavior name="BasicAuthServiceBehavior">
		<serviceMetadata httpGetEnabled="false" />
		<serviceDebug includeExceptionDetailInFaults="true" />
		<serviceCredentials>
			<userNameAuthentication userNamePasswordValidationMode="Custom" 
			customUserNamePasswordValidatorType="Kodi.Kodiak.Security.BasicUsernamePasswordValidator, Kodi.Kodiak.Security" />
			<serviceCertificate storeLocation="LocalMachine" 
			   storeName="My" 
			   x509FindType="FindByThumbprint" 
			   findValue="ea90bdd15d16be21bd17b547da5690e1756e6a3b"/>				
		</serviceCredentials>
		<serviceThrottling maxConcurrentCalls="200" 
		     maxConcurrentSessions="200" maxConcurrentInstances="200" />
		<dataContractSerializer maxItemsInObjectGraph="2147483646" />
	</behavior>
	...

Endpoint BindingConfiguration

needs to have a transport node with clientCredentialType = “Basic”

<bindings>
<webHttpBinding>
<binding name="WebHttpsMessageCredentialBinding">
	<security mode="Transport">
		<transport clientCredentialType="Basic" />
	</security>
</binding>	
...