O'Reilly logo

Programming WCF Services by Juval Lowy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Intranet Application

The characteristics of the intranet application are that both clients and service use WCF, and that the client and the service are deployed in the same intranet. The clients reside behind the firewall, and you can use Windows-based security for transfer security, authentication, and authorization. You can rely on Windows accounts and groups to store the client’s credentials. The intranet scenario addresses a wide range of business applications, from finance to manufacturing to in-house IT applications. The intranet scenario is also the richest scenario of all in the options it offers developers for configuring security. The following section on the intranet scenario will also define the terminology, techniques, and types used in the other scenarios.

Securing the Intranet Bindings

For the intranet scenario, you should use the intranet bindings; namely, NetTcpBinding, NetNamedPipeBinding, and NetMsmqBinding. You can rely on Transport mode for transfer security because the calls are invariably point-to-point. Conveniently, Transport security is the default transfer mode of the intranet bindings (see Table 10-1). For client credentials type, you set the transport client credentials type to Windows, which again is the default (see Table 10-2). You need to configure this on both the client and the service.

Transport security protection level

The three intranet bindings need to be configured for transport security. Each of the three intranet bindings has a ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required