Reputation: 4943
Which WCF security mode to use
I've recently built a WCF service and am now ready to add security to it. I'd like to have it available over https, internet facing and the client will authenticate with a username and password. I'm only going to have 3 users so I want to make the authentication as simple as possible. Also, requests will be one at a time, where I would like the requester to authenticate each time (which, to me, means message client credentialing). Also, this will be hosted in IIS6. My reading on WCF shows a lot of security options and frankly I'm overwhelmed on what to choose.
Given the requirements above, which configuration option should I choose and how should I configure WCF. Are there any sample projects that implement security like what I need?
Upvotes: 3
Views: 864
Answers (1)
Reputation: 1666
Service Configuration :
Binding : wsHttpBinding
Security Mode : Message
ClientCredentialMode : UserName
Client Configuration :
CertificateValidationMode : PeerOrChainTrust
Proxy :
proxy.clientCredentials.UserName.Username
proxy.clientCredentials.UserName.Password
Also you can see the following URL :
http://msdn.microsoft.com/en-us/library/vstudio/aa967563(v=vs.90).aspx
Upvotes: 2
Related Questions
- WCF Service - Mixed security bindings?
- WCF Security, TCP or http?
- choosing wcf security mode
- Security Modes in WCF service
- What's the simplest security method of a WCF service
- Which security mode to use in WCF client with SSL and HTTP Authentication?
- WCF easiest security mode to implement
- What's the best WCF security mode when SSL is not an option
- which type of security is needed for WCF
- Choosing best security option for WCF