Ok, my head hurts from banging it against the wall. I'm new to WCF, I have searched for a solution for days, please help a desperate fellow programmer if you can :-(
I have a WCF service hosted in IIS, I implemented a UserNamePasswordValidator, and it seems impossible to find a way to return a custom error message to the client when the user is not allowed in, this blows my mind.
I have searched everywhere, many are asking the same question since 2006 and so far I haven't found an answer that works. If you are thinking of replying that it is not secure to return a custom error message to an unauthenticated client, please save yourself
some time and don't do it. There are multiple enterprise business scenarios that this is required. Just in our organization an account could be locked out, in which case the user must be directed to the IT department to get it unlocked, it could be that the
credentials are correct but the user hasn't paid their fees in which case they must be directed to the appropriate department, or it could even be that the user tried to access the service during a time of the day in which the service is not available.
From searching around, I have tried doing the things below in the Validate method, however the client always receives a MessageSecurityException, which contains none of the custom messages that were originally thrown, neither in the object,
View Complete Post