Okay so the scenario goes like this:
I have multiple web applications which consume a WCF service, and now I am making a change to the WCF service to consume a SharePoint 2010 web service, i.e. UserProfileService.asmx.
Web Application -> WCF Service -> SharePoint Web Service
And the problem is: if I use the below code in the WCF service, it works fine with the SharePoint service, and I am able to access the methods available in the SharePoint user profile service when I test the WCF service from my machine.
C#
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
service.ChannelFactory.Credentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
Web.config
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
But I am no longer able to call the WCF service from my web application, as the web application uses the below.
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="">
<extendedProtectionPolicy policyEnforcement="Never"/>
</transport>
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true"/>
</security>
I need a way to configure the WCF service in such a way that it is still able to talk with all the existing applications and is able to talk to the SharePoint service at the same time.
Most importantly, I want to use the service account (e.g. b2\deltaUser) under which the WCF service runs to access the profiles of different users in the SharePoint user profile service. Do I need to use impersonation? If yes, how can I use it here?
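As an added illustration, not part of the original question: the two `<security>` blocks above belong to two different bindings in the same web.config, one the WCF service exposes to the web applications (wsHttpBinding, Message/Windows) and one it uses as a client of the SharePoint ASMX endpoint (basicHttpBinding, TransportCredentialOnly/Ntlm). The service name, contract names and the SharePoint host are placeholders.

```xml
<!-- Added example, not the asker's config. Placeholders: Contoso.* names, SHAREPOINT-HOST. -->
<system.serviceModel>
  <bindings>
    <!-- Binding the WCF service EXPOSES to the existing web applications:
         left exactly as those clients already expect (Message / Windows). -->
    <wsHttpBinding>
      <binding name="WebAppBinding">
        <security mode="Message">
          <message clientCredentialType="Windows"
                   negotiateServiceCredential="true"
                   algorithmSuite="Default"
                   establishSecurityContext="true" />
        </security>
      </binding>
    </wsHttpBinding>
    <!-- Binding the WCF service USES as a client of the SharePoint ASMX endpoint:
         NTLM over plain HTTP authenticates the account but does not protect the
         channel; use mode="Transport" (HTTPS) if the SharePoint farm offers it. -->
    <basicHttpBinding>
      <binding name="SharePointBinding">
        <security mode="TransportCredentialOnly">
          <transport clientCredentialType="Ntlm" proxyCredentialType="None" realm="" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>

  <services>
    <!-- Inbound endpoint: what the web applications call. -->
    <service name="Contoso.ProfileService">
      <endpoint address=""
                binding="wsHttpBinding"
                bindingConfiguration="WebAppBinding"
                contract="Contoso.IProfileService" />
    </service>
  </services>

  <client>
    <!-- Outbound endpoint: what the WCF service calls. With ASP.NET impersonation
         off, CredentialCache.DefaultNetworkCredentials is the application pool
         identity (the service account), so that is the account SharePoint sees. -->
    <endpoint name="UserProfileServiceSoap"
              address="http://SHAREPOINT-HOST/_vti_bin/UserProfileService.asmx"
              binding="basicHttpBinding"
              bindingConfiguration="SharePointBinding"
              contract="SharePointRef.UserProfileServiceSoap" />
  </client>
</system.serviceModel>
```

The inbound and outbound bindings are independent, so changing the client binding for SharePoint does not require touching the binding the web applications already use.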