After solving my previous problem, I wanted to convert netTcpBinding to customBinding, which I successfully dealt with. However, WcfTestClient (and the regular client) gives an error while trying to retrieve metadata when I set up a special authorization policy (works fine without!).
My configuration:
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="Sample.Tools.CustomAuthorizationPolicy, Sample" />
</authorizationPolicies>
I read on MSDN (here: http://social.msdn.microsoft.com/Forums/en-IE/wcf/thread/80a33bc6-0765-45f6-8af5-0a414a5cc40d ) that this could be caused by what is also required special authorization manager. I tried this and added a CustomAuthorizationManager (with CheckAccessCore validation always returning true), but that didn't work.
This is added to config as:
<serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="Sample.Tools.CustomAuthorizationManager, Sample">
<authorizationPolicies>
<add policyType="Sample.Tools.CustomAuthorizationPolicy, Sample" />
</authorizationPolicies>
:
:
<customBinding>
<binding name="SampleBinding" receiveTimeout="00:05:00">
<transactionFlow/>
<security authenticationMode="SecureConversation" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<secureConversationBootstrap authenticationMode="UserNameForSslNegotiated" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<localClientSettings maxClockSkew="23:59:59" />
<localServiceSettings maxClockSkew="23:59:59" />
</secureConversationBootstrap>
<localClientSettings maxClockSkew="23:59:59" />
<localServiceSettings maxClockSkew="23:59:59" />
</security>
<binaryMessageEncoding/>
<tcpTransport transferMode="Buffered" portSharingEnabled="true" maxReceivedMessageSize="65536" hostNameComparisonMode="StrongWildcard"/>
</binding>
</customBinding>
:
<behavior name="SampleBehavior">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" httpHelpPageEnabled="true" httpsHelpPageEnabled="true" />
<serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="Sample.Tools.CustomAuthorizationManager, Sample">
<authorizationPolicies>
<add policyType="Sample.Tools.CustomAuthorizationPolicy, Sample" />
</authorizationPolicies>
</serviceAuthorization>
<serviceCredentials>
<serviceCertificate findValue="MySample" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Sample.Tools.CustomUserNameValidator, Sample" />
</serviceCredentials>
<serviceThrottling maxConcurrentCalls="2147483647" maxConcurrentSessions="2147483647" maxConcurrentInstances="2147483647" />
</behavior>
:
<services>
<service behaviorConfiguration="SampleBehavior"
name="Sample.SampleService">
<endpoint address=""
binding="customBinding"
bindingConfiguration="SampleBinding"
name="MyServiceEndpoint"
contract="Sample.ISampleService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex"
binding="mexTcpBinding"
bindingConfiguration=""
name="MyServiceMexTcpBidingEndpoint"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:809/SampleService.svc" />
</baseAddresses>
</host>
</service>
</services>
.