I have a simple WCF service that I want to publish to the public internet via IIS 7. My original plan was to publish the service to iis and turn on WIndows Authentication.
But I was reading some articles on the internet about doing such a thing and it was not advised. Instead some were suggesting that you use a x509 certificate. This did not look too appealing because the amount of configuration that was needed. And does this mean that the persons consuming the service will need a certificate as well?
I just want to simply give out the url of the service along with a username and password for each user and that be that.
What is the easiest (but secure) way to accomplish this task?