How do I capture the username and password for a WCF Service if I am not writing the client(s)?

Question

I am writing a WCF Service that will require a username and password authentication, however, I am not responsible for writing the clients to access the service, so I am not sure how I can access the username and password. To give an example, when testing, I created the service and then I created a test application that would instantiate a client for me and then I would set the username and password like so:

WcfClient client = new WcfClient();
client.ClientCredentials.UserName.UserName = "test";
client.ClientCredentials.UserName.Password = "test";
client.Open();

Do I have to capture the client's username and password in some header, if so how would I go about doing this? Maybe WCF has something in place for this, but I don't understand it yet. If more clarification is needed, I will be glad to edit the post.

Answer 1

You can either go with the built-in WCF support for the ASP.NET membership provider or with rolling your own custom username validator. The ASP.NET membership provider approach is a more complete solution because it also has an admin capability to maintain the user names and passwords.