Basic Authentication with WCF REST service to something other than windows accounts?

Question

Is there a clean way to expose a WCF REST service that requires basic authentication, but where we handle the actual validation of the username/password ourselves? It seems

Answer 1

is the username and password set on the client like:

cc.ClientCredentials.UserName.UserName = ReturnUsername();
cc.ClientCredentials.UserName.Password = ReturnPassword();

Or are they embedded in the body of the REST message?

If the former, you can use a custom UserNamePasswordValidator: http://msdn.microsoft.com/en-us/library/aa702565.aspx

If the latter, you can set the service to no security, and use a custom ServiceAuthorizationManager to validate the contents of the message: http://msdn.microsoft.com/en-us/library/ms731774.aspx

Hope one or the other helps! I'd try to post sample code & config, but I'm @ home and dont have access to code, which is all @ work.