Introduction and Goal
Basics Transport and Message level security
Step 1:- Customize ‘WsHttp’ Bindings with security mode and credential type
Step 2:- Create your custom validator class
Step 3:- Define runtime behavior
Step 4:- Define SSL for your WCF service
Step 5 :- Consume WCF Service
Step 6: Run your WCF service
Source code
My other WCF articles
Basics Transport and Message level security
Step 1:- Customize ‘WsHttp’ Bindings with security mode and credential type
Step 2:- Create your custom validator class
Step 3:- Define runtime behavior
Step 4:- Define SSL for your WCF service
Step 5 :- Consume WCF Service
Step 6: Run your WCF service
Source code
My other WCF articles
Introduction and Goal
In the article we will try to apply DUAL security using transport plus message on WCF services. So we will first try to understand the basic concepts of WCF security i.e. transport and message. Once we understand the concept we will move step by step in to how to implement SSL and user name security on WCF services.
In case you are a complete fresher to WCF you can start from here.
Watch my 500 videos on various topics like design patterns,WCF, WWF , WPF, LINQ ,Silverlight,UML, Sharepoint ,Azure,VSTS and lot more @ click here , you can also view my WCF videos Part :-1 and Part:- 2
Enjoy my free ebook which covers major .NET related topics like WCF,WPF,WWF,Ajax,Core .NET,SQL Server, Architecture and lot more Download from here
Basics Transport and Message level security
On a broader basis WCF supports two kinds of security, transport level and message level security. Transport means the medium on which WCF data travels while message means the actual data packets sent by WCF.
Transport medium can be protocols like TCP, HTTP, MSMQ etc. These transport mediums by themself provide security features like HTTP can have SSL security (HTTPS). WCF has the capability of leveraging underlying transport security features on WCF service calls.
Message level security is provided in the data itself using WS-Security. In other words it’s independent of the transport protocol. Some examples of message level security are messages encrypted using encryption algorithm, messages encrypted using X509 certificate etc, messages protected using username etc.
WCF gives you an option to either just use message level security in stand alone, transport level in stand alone or combination of both. If you are interested in how to do message level security and transport security in a standalone manner you can read more from here.
Read more: .NET Funda