message clientcredentialtype="userName"
PrincipalPermission
clientCredentials
serviceCredentials userNamePasswordValidationMode useAspNetRoles
-------------------------------------------------------------------------
<behavior>
<serviceAuthorization principalPermissionMode="UseAspNetRoles"/>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"/>
<serviceCertificate storeName="TrustedPeople" storeLocation="LocalMachine" x509FindType="FindByThumbprint" findValue="">
</serviceCredentials>
</behavior>
<binding>
<security mode="Message">
<message clientCredentialType="UserName">
</security>
</binding>
server side
[PrincipalPermission(SecurityAction.Demand,Role="")]
public void Method(){}
client side
client.ClientCredentials.UserName.UserName=""
client.ClientCredentials.UserName.Password=""