Chapter 7. Understanding WCF Security


  • Understanding the service security principles

  • Getting started with WCF security

Security is a critical piece of any programming technology or framework for implementing service-oriented applications.

As you will see throughout this chapter, WCF has been built from the ground up for providing the necessary security infrastructure at the message and service level. In that sense, WCF provides a versatile extensibility model for security that allows developers to customize a large variety of runtime capabilities. The flexibility of incorporating extensions in the security subsystems has made it possible for WCF to support many of the existing security schemas and scenarios used to secure services. Many of the features that WCF provides in this area are covered, as well as some common deployment scenarios you might need while developing service-oriented applications with this technology. You also explore many of the core concepts involved in web service security. By having a previous understanding of these concepts, your learning curve for understanding and taking advantage of the available security features in WCF is more direct.


Security has always been a strong requirement for web services in the enterprise. There is no doubt that security and interoperability are two key contributors in the adoption and success of web services for developing distributed applications in the enterprise. ...

Get Professional WCF 4: Windows Communication Foundation with .NET 4 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.