WS_USERNAME_MESSAGE_SECURITY_BINDING structure (webservices.h)

The security binding subtype for specifying the use of an application supplied username / password pair as a direct (i.e., one-shot) security token. This security binding may be used only with message security. It provides client authentication, but not traffic signing or encryption. So, it is used in conjunction with another transport security or message security binding that provides message protection.

Only one instance of this binding may be present in a security description. This security binding is not supported with the WS_NAMEDPIPE_CHANNEL_BINDING.

With this security binding, no security binding properties may be specified.

Syntax

typedef struct _WS_USERNAME_MESSAGE_SECURITY_BINDING {
  WS_SECURITY_BINDING           binding;
  WS_MESSAGE_SECURITY_USAGE     bindingUsage;
  WS_USERNAME_CREDENTIAL        *clientCredential;
  WS_VALIDATE_PASSWORD_CALLBACK passwordValidator;
  void                          *passwordValidatorCallbackState;
} WS_USERNAME_MESSAGE_SECURITY_BINDING;

Members

binding

The base type from which this security binding subtype and all other security binding subtypes derive.

bindingUsage

How the security token corresponding to this security binding should be bound to a message.

Only WS_SUPPORTING_MESSAGE_SECURITY_USAGE is supported. With this usage, this security binding provides client authentication, but not message protection (such as signing, encryption, replay detection). Thus, this binding must be used together with another security binding such as the WS_SSL_TRANSPORT_SECURITY_BINDING that provides a protected channel.

To use this binding on HTTP without SSL, the security description property WS_SECURITY_PROPERTY_TRANSPORT_PROTECTION_LEVEL must be explicitly set to WS_PROTECTION_LEVEL_NONE. This is not supported on the client or on TCP.

clientCredential

The username credential to be used with this security binding. This must be specified when this security binding is used on the client.

passwordValidator

The validator to be used to check received username/password pairs. This must be specified when this security binding is used on the service.

passwordValidatorCallbackState

The optional state to be passed in as an argument when the username validator is invoked.

Requirements

Requirement Value
Minimum supported client Windows 7 [desktop apps only]
Minimum supported server Windows Server 2008 R2 [desktop apps only]
Header webservices.h