I’ve created a WCF service, with a WSDualHttpBinding. The security mode is not specified, so it is set to WSDualHttpSecurityMode.Message.
It works fine when connecting from a client to the server with a credential that is allowed.
When I connect to a server with credentials that are not allowed, I get a SecurityNegotiationException.
That’s all fine. What I now want is that there is one function in the service that is allowed to be called anonymously.
So I want to try to call the service, and when my credentials are not allowed, I want to call a function called GetDescription() that will return a description of the service.
The reason is that we are hosting some services and will discover them by broadcast. If there is a service that the client is not allowed to, I want to see some details from the service, to overcome this issue by reconfiguring the service.
Authentication is executed a long time before any of your operations, so with out-of-the-box functionality it is not possible, because the exception is fired before WCF even knows what operation the user called. Executing operations based on user “permissions” belongs to authorization, and it is done only for authenticated users. Cheating WCF to allow what you want to do now would require some modification of the security pipeline and excluding selected SOAP actions from authentication (I’m actually not sure how to do that).
What type of authentication are you using? If you have the default configuration, you should have Windows-based authentication, and then your users simply must call your service when logged in with a valid AD account.
Btw. why are you doing custom discovery when WCF offers its own? You should use the same mechanism as WCF discovery does – expose a separate unsecured endpoint for discovery.
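
As an added example (not code from the question or the answer), the separate unsecured endpoint suggested above can be built by giving GetDescription() its own contract and binding, so that the anonymous endpoint cannot reach any other operation. The contract and class names, the addresses and the returned text are assumptions.

```csharp
// Added example, not from the original thread. All type names, addresses and
// the description text are hypothetical.
using System;
using System.ServiceModel;

// Callback contract, since WSDualHttpBinding is intended for duplex services.
public interface IWorkCallback { [OperationContract(IsOneWay = true)] void Progress(int percent); }

// Full contract: published only on the message-secured endpoint.
[ServiceContract(CallbackContract = typeof(IWorkCallback))]
public interface IWorkService { [OperationContract] void DoWork(string job); }

// Narrow contract for the anonymous endpoint: a single read-only operation.
[ServiceContract]
public interface IServiceInfo { [OperationContract] string GetDescription(); }

public class WorkService : IWorkService, IServiceInfo
{
    public void DoWork(string job)
    {
        // One-way callback to the authenticated caller.
        OperationContext.Current.GetCallbackChannel<IWorkCallback>().Progress(100);
    }

    // Return only what an unauthenticated caller is meant to see.
    public string GetDescription() { return "Work service, instance A"; }
}

public static class Program
{
    public static void Main()
    {
        var host = new ServiceHost(typeof(WorkService), new Uri("http://localhost:8000/work"));

        // Authenticated endpoint: a caller that fails security negotiation never reaches DoWork.
        host.AddServiceEndpoint(typeof(IWorkService),
            new WSDualHttpBinding(WSDualHttpSecurityMode.Message), "secure");

        // Anonymous endpoint: no security, but it exposes IServiceInfo and nothing else.
        host.AddServiceEndpoint(typeof(IServiceInfo),
            new BasicHttpBinding(BasicHttpSecurityMode.None), "info");

        host.Open();
        Console.WriteLine("Listening. Press Enter to stop.");
        Console.ReadLine();
        host.Close();
    }
}
```

Because endpoints are bound per contract, a request for DoWork sent to the `info` address is rejected as an unknown action rather than executed without authentication.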