Intranet Application Scenario
The characteristics of the intranet application are that both the clients and the service use WCF, and that they are deployed in the same intranet. The clients reside behind the firewall, and you can use Windows-based security for transfer security, authentication, and authorization. You can rely on Windows accounts and groups to store the client’s credentials. The intranet scenario addresses a wide range of business applications, from finance to manufacturing to in-house IT applications. The intranet scenario is also the richest scenario of all in the options it offers developers for configuring security.
This section on the intranet scenario will define the terminology, techniques, and types used in the other scenarios.
Securing the Intranet Bindings
For the intranet scenario, you should use the intranet NetMsmqBinding. You can rely on Transport mode for transfer security because the calls are invariably point-to-point. Conveniently, Transport security is the default transfer mode of the intranet bindings (see Table 10-1). You can also use the default for the client credentials type, which is Windows (see Table 10-2). You need to configure this on both the client and the service.
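The following C# sketch is an added example, not code from the original text. It sets Transport security and Windows credentials explicitly instead of relying on the defaults, and refuses to open a host whose endpoints have been weakened. The class and method names are hypothetical, and requiring EncryptAndSign on every binding is this example's assumed policy.

```csharp
using System;
using System.Net.Security;
using System.ServiceModel;
using System.ServiceModel.Channels;

// Added example; IntranetSecurity and its members are hypothetical names.
static class IntranetSecurity
{
    // Spell out the settings so a later config edit cannot silently weaken them.
    public static NetTcpBinding CreateTcpBinding()
    {
        var binding = new NetTcpBinding(SecurityMode.Transport);
        binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Windows;
        binding.Security.Transport.ProtectionLevel = ProtectionLevel.EncryptAndSign;
        return binding;
    }

    // True only for an intranet binding that uses Transport security with
    // Windows credentials and full protection (assumed policy of this example).
    public static bool IsHardened(Binding binding)
    {
        switch (binding)
        {
            case NetTcpBinding tcp:
                return tcp.Security.Mode == SecurityMode.Transport
                    && tcp.Security.Transport.ClientCredentialType == TcpClientCredentialType.Windows
                    && tcp.Security.Transport.ProtectionLevel == ProtectionLevel.EncryptAndSign;
            case NetNamedPipeBinding pipe:
                return pipe.Security.Mode == NetNamedPipeSecurityMode.Transport
                    && pipe.Security.Transport.ProtectionLevel == ProtectionLevel.EncryptAndSign;
            case NetMsmqBinding msmq:
                return msmq.Security.Mode == NetMsmqSecurityMode.Transport
                    && msmq.Security.Transport.MsmqAuthenticationMode == MsmqAuthenticationMode.WindowsDomain
                    && msmq.Security.Transport.MsmqProtectionLevel == ProtectionLevel.EncryptAndSign;
            default:
                return false; // any other binding is outside the intranet policy
        }
    }

    // Call before host.Open(): fail fast if any endpoint is not hardened.
    public static void AssertHardened(ServiceHostBase host)
    {
        foreach (var endpoint in host.Description.Endpoints)
        {
            if (!IsHardened(endpoint.Binding))
                throw new InvalidOperationException("Endpoint '" + endpoint.Name + "' does not use hardened Transport security.");
        }
    }
}
```

The same `CreateTcpBinding()` result can be passed to the client's proxy or channel factory, so both sides carry identical settings.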
Transport security protection level
Each of the three intranet bindings has a configurable protection level, which is the master switch for Transport protection. The three protection levels are:
When configured for this ...