Transport/Certificate Authentication and Party Resolution

I recently worked on a solution where partners would call web services, and “transport security” (SSL) would be used for confidentiality and client authentication. In this solution, partner information, like agreement ID, should be looked up. Wouldn’t it be nice if data from the client certificate used for authentication could be used in party resolution? Yes, but I haven’t found a way to make it work.

If I look at the context properties written by the WCF adapter, none of them are certificate-related. (In ASP and ASP.NET, you can use the CERT_SUBJECT or CERT_SERIALNUMBER server variables.) In other words, it is not even possible to write a custom party resolution component to do the party resolution.

With the SOAP adapter, it is the same story, but there you could at least set up certificate-to-user mapping in IIS. If you do that, the Windows user ID ends up in the WindowsUser context property, and the built-in party resolution component works. This mapping technique doesn’t seem to work with the WCF adapter, though. The only workaround I can come up with is to use message security instead, where the signature and certificate are part of the SOAP header.

If anyone has another idea, I would be glad to hear it.


