If you are using username authentication, use Membership Provider instead of custom authentication
Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen
If you are using username authentication in WCF, do not try to implement your own user authentication mechanism. Use the Membership Provider to authenticate users, using username / password combinations.
The membership feature is a good choice as it allows you to enable user name authentication without writing and maintaining custom code.
The Membership Provider can be integrated into a WCF application to authenticate consumers of your service. Use a WCF binding that supports user name/password credentials, such as the
and set the client credential type to UserName. Configure the membership provider in your configuration file to authenticate users against the membership store.
The following configuration snippet shows how to configure the username authentication with membership provider:
Set the Authentication Type to Username as follows.
<message clientCredentialType="UserName" />
Set the Service Credentials configuration to use Membership Provider
Set the Membership Provider configuration to be used.
<membership defaultProvider="MyMembershipProvider" >
type="Provider Type" />