Can WCF do WindowsAuthentication with username password?

Question

I'm building an wcf service that is meant to run in an intranet environment using Windows Authentication. I have been merrily working along with some kind of default settings on the local computer.

Problem now is that I need to test it installed to an off site demo computer. I just need to get it running with username password used against the wcf service computer's user accounts.

This is my client code:

using (ImportServiceClient client = new ImportServiceClient("ImportServiceSoap12", REMOTE_ADDRESS))
{
    client.ClientCredentials.Windows.AllowNtlm = true;
    client.ClientCredentials.Windows.ClientCredential =
        new NetworkCredential(userName, password, computerName);

    result = client.Sync(items.ToArray());
}

Is it possible to configure the wcf service such that it translates the credential to a windows account on it's machine?

I've been reading contradicting posts here and there, but I feel rather sure IIS shouldn't be part of the authentication. I'm unsure wether ASP.Net authentication node applies or if it's all binding configuration.

Ideally I'd like it to be an NTLM type authentication so that I wouldn't need to set up https.

Answer 1

Is it possible to configure the wcf service such that it translates the credential to a windows account on its machine?

No. Integrated Windows Authentication requires that both the server and the client are part of the same domain (or domains with a trust relationship, in any case). You can't usefully run IWA against local computer accounts on the server.

You will have to use some other (potentially custom) form of authentication and then impersonate to the user you want to run as in the server code.