Как передать Windows Credentials с клиента на WCF?

Question

[z_a_p_a_r_a]

Доброго времени суток... Хотя для меня уже третьи сутки голова кругом идет. Итак у нас есть клиент WPF и сервис на IIS.
Конфигурация клиента:

<system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="TrackingHoursServiceBinding" maxReceivedMessageSize="2147483647" useDefaultWebProxy="False">
          <readerQuotas maxDepth="32" maxStringContentLength="20000" maxArrayLength="2147483647" 
            maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Ntlm"/>
          </security>
        </binding>
        <binding name="BasicHttpBinding_ITFSService" />
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://______TrackingHoursService.svc" binding="basicHttpBinding" 
        bindingConfiguration="TrackingHoursServiceBinding" contract="ITrackingHoursService" 
         name="WSHttpBinding_ITrackingHoursService">
        <identity>
          <dns value="localhost" />
        </identity>
      </endpoint>
      <endpoint address="http://_____/TFSService.svc" binding="basicHttpBinding" 
        bindingConfiguration="BasicHttpBinding_ITFSService" contract="ITFSService" name="BasicHttpBinding_ITFSService" />
    </client>
  </system.serviceModel>

И сервиса Web.config:

<system.serviceModel>
    <protocolMapping>
      <add scheme="https" binding="basicHttpBinding" bindingConfiguration="TrackingHoursServiceBinding"/>
    </protocolMapping>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    <client />
    <bindings>
      <basicHttpBinding>
        <binding name="TrackingHoursServiceBinding" maxReceivedMessageSize="620000">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Ntlm" />
          </security>
        </binding>
        <binding name="BasicHttpBinding_IPortableService" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" receiveTimeout="00:10:00" sendTimeout="00:10:00" />
      </basicHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="_.TrackingHoursServiceBehavior" name="_.Service.TrackingHoursService">
        <endpoint address="" binding="basicHttpBinding" bindingConfiguration="TrackingHoursServiceBinding" contract="_.Service.ITrackingHoursService">
          <identity>
            <dns value="localhost" />
          </identity>
        </endpoint>
        <endpoint address="pcl" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IPortableService" contract="_.Service.ITrackingHoursService" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="_.TrackingHoursServiceBehavior">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <extensions>
      <!-- In this extension section we are introducing all known service bus extensions. User can remove the ones they don't need. -->
      <behaviorExtensions>
        <add name="connectionStatusBehavior" type="Microsoft.ServiceBus.Configuration.ConnectionStatusElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="transportClientEndpointBehavior" type="Microsoft.ServiceBus.Configuration.TransportClientEndpointBehaviorElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="serviceRegistrySettings" type="Microsoft.ServiceBus.Configuration.ServiceRegistrySettingsElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
      </behaviorExtensions>
      <bindingElementExtensions>
        <add name="netMessagingTransport" type="Microsoft.ServiceBus.Messaging.Configuration.NetMessagingTransportExtensionElement, Microsoft.ServiceBus,  Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="tcpRelayTransport" type="Microsoft.ServiceBus.Configuration.TcpRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="httpRelayTransport" type="Microsoft.ServiceBus.Configuration.HttpRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="httpsRelayTransport" type="Microsoft.ServiceBus.Configuration.HttpsRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="onewayRelayTransport" type="Microsoft.ServiceBus.Configuration.RelayedOnewayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
      </bindingElementExtensions>
      <bindingExtensions>
        <add name="basicHttpRelayBinding" type="Microsoft.ServiceBus.Configuration.BasicHttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="webHttpRelayBinding" type="Microsoft.ServiceBus.Configuration.WebHttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="ws2007HttpRelayBinding" type="Microsoft.ServiceBus.Configuration.WS2007HttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="netTcpRelayBinding" type="Microsoft.ServiceBus.Configuration.NetTcpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="netOnewayRelayBinding" type="Microsoft.ServiceBus.Configuration.NetOnewayRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="netEventRelayBinding" type="Microsoft.ServiceBus.Configuration.NetEventRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        <add name="netMessagingBinding" type="Microsoft.ServiceBus.Messaging.Configuration.NetMessagingBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
      </bindingExtensions>
    </extensions>
  </system.serviceModel>

На IIS настройки следующие :







На стороне сервиса используя

OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Name

Я могу получить имя пользователя который на даный момент использует WPF. Но мне нужны ICredentials.
Если я попытаюсь взять их с

System.Net.CredentialCache.DefaultCredentials
System.Net.CredentialCache.DefaultNetworkCredentials

оно всегда возвращает что то типа Domain\pcName$
Пытался установить их вот так

tcs = new TrackingHoursServiceClient();
				tcs.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
				tcs.ClientCredentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
				tcs.ChannelFactory.Credentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
				tcs.ChannelFactory.Credentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;

Ничего не помогает.... Короче уже 3 дня играюсь .... Как мне передать эти чертовые креденшл на сервис и там из заюзать. мне не нужны не пароль ни имя юзера, а только креденшл что бы создать от его имени(используя его креденшл) tfs клиента и например создать Issue от имени юзера. Кто знает помогите пожалуйста)