Pro WCF: Practical Microsoft SOA Implementation
by Chris Peiris, Dennis Mulder, Shawn Cicoria, Amit Bahree, Nishith Pathak
Summary
You learned the essentials of WCF security in this chapter. We discussed the following concepts in detail:
WCF security is based on four important concepts: authentication, authorization, integrity, and confidentiality.
You can utilize WCF security at the transport layer, message layer, or at both the transport and message layer (mixed). These are commonly referred to as modes.
Transport-layer security depends on the transport (specifically, SSL) to protect the communication between the client and the service. This method is faster. However, the credential types supported in WCF are limited (in other words, no rich SAML tokens). The messages can also be vulnerable in the recipient's domain after the messages leave the SSL gateway.
Message-level ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access