Is it sufficient just to have the Custom Username validator in the web.config endpoint BindingConfiguration?

I have a Customer Username/Password validator. Is it sufficient enough to have it in the endpoints bindingConfiguration attribute in web.config or do I need to explicitly call it in the Service method. I noticed when I don't call it a Service operation, it doesn't get called. Am I doing something wrong?

This is how I have my bindings section defined:

<bindings>
  <wsHttpBinding>
    <binding name="CustomAuthentication">
      <security mode="Message">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

This is how I have my service node defined:

<service behaviorConfiguration="CustomValidator" name="Test.TestService">

My endpoint attribute has its BindingConfiguration = "CustomAuthentication"

This is how I have a behavior in my ServiceBehaviors defined:

<behavior name="Custom开发者_运维问答Validator">
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom"
                                 customUserNamePasswordValidatorType="Test.CustomUserNameValidator, FuzionSync"/>

        <serviceCertificate findValue="MyWebSite" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>

        </serviceCredentials>

      <serviceMetadata httpGetEnabled="True"/>

    </behavior>

When I run the wcf test client to invoke the service call, it doesn't even call the Validate method. The only way I get it to call is if I put it in an operation to be called explicitly.

You need to specify this both in the binding configuration and in the service behavior. This is how it looks in one of our projects (the important parts are clientCredentialType="UserName" and the <serviceCredentials> element):

<bindings>
  <wsHttpBinding>
    <binding name="SSLWithCustomAuthentication">
      <security mode="TransportWithMessageCredential">
        <transport clientCredentialType="None" proxyCredentialType="None" />
        <message clientCredentialType="UserName" 
                 negotiateServiceCredential="true"
                 algorithmSuite="Default" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

<behaviors>
  <serviceBehaviors>
    <behavior name="customAuthenticationBehavior">
      <serviceCredentials>
        <userNameAuthentication 
          userNamePasswordValidationMode="Custom"
          customUserNamePasswordValidatorType="Namespace.YourValidator, AssemblyName"/>
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>

and then have your service use behaviorConfiguration="customAuthenticationBehavior".

Note that I don't think WCF lets you use UserName authentication without SSL.