I inherited this code for making a call to a WCF service using claims-based authentication (this just creates the binding, but you get the picture):
// Namespaces assumed for WIF 3.5 (Microsoft.IdentityModel); on .NET 4.5 these types live in System.ServiceModel.Security.
using System.Configuration;
using System.ServiceModel;
using System.ServiceModel.Security;
using Microsoft.IdentityModel.Protocols.WSTrust;
using Microsoft.IdentityModel.Protocols.WSTrust.Bindings;

// Endpoint is the STS address (a field/property defined elsewhere in the original code).
UserNameWSTrustBinding binding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);
WSTrustChannelFactory trustChannelFactory = new WSTrustChannelFactory(binding, new EndpointAddress(Endpoint));
trustChannelFactory.TrustVersion = TrustVersion.WSTrust13;
trustChannelFactory.Credentials.SupportInteractive = false;
// Credentials are read from <appSettings> in web.config.
trustChannelFactory.Credentials.UserName.UserName = ConfigurationManager.AppSettings["UserName"];
trustChannelFactory.Credentials.UserName.Password = ConfigurationManager.AppSettings["Password"];
I know that the appsettings in the web.config can be encrypted, I'm just wondering what the best practice is around this.
The website, for reasons only known to the original designer, is a mixed internal/external site, in other words, there are parts exposed to the internet and parts that are only internal.
Unfortunately, although the part that uses the above binding is on the internal "site" and thus only accessible to internal users, we have been told that we need to future-proof the design, which means that parts of the internal site could be available on the internet to unauthenticated users, and thus it was decided to store the credentials in the web.config.
What are the risks of doing this?
What should be done instead?
TIA
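The post mentions that the appSettings section of web.config can be encrypted. As an added illustration (not code from the poster), the following shows the built-in way to do that with the DPAPI protected-configuration provider, so the username and password are not stored in clear text on disk; the existing `ConfigurationManager.AppSettings[...]` reads in the binding code keep working unchanged because the runtime decrypts the section for the process identity. The virtual path `"~"` and the class/method names are assumptions for the example.

```csharp
// Added example: encrypt the <appSettings> section of web.config with the
// DataProtectionConfigurationProvider (Windows DPAPI). Not part of the original post.
using System;
using System.Configuration;
using System.Web.Configuration;

public static class AppSettingsProtector
{
    // Encrypts appSettings in the web.config of the site at virtualPath ("~" = this app).
    // The DPAPI key is bound to the machine (or user) account, so this must run on the
    // server hosting the site, under an identity that can write web.config.
    // Equivalent command-line form: aspnet_regiis -pe "appSettings" -app "/MySite"
    public static bool ProtectAppSettings(string virtualPath = "~")
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration(virtualPath);
        ConfigurationSection section = config.GetSection("appSettings");

        if (section.SectionInformation.IsProtected)
        {
            return false; // already encrypted; nothing to do
        }

        section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
        section.SectionInformation.ForceSave = true;
        config.Save(ConfigurationSaveMode.Modified);
        return true;
    }

    // Reading is unchanged for application code: the runtime decrypts the section
    // transparently for the app pool identity.
    public static string ReadUserName()
    {
        return ConfigurationManager.AppSettings["UserName"];
    }
}
```

Note what this does and does not cover: it protects the file at rest (a copied web.config or a backup no longer exposes the password), but any code running as the application pool identity on that machine can still read the decrypted values, so it does not reduce the blast radius of a compromise of the web process itself.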