How to secure Azure Relay Service Bus Endpoint

Question

We are using basicHttpRelayBinding for WCF service which is exposed via Azure Service bus Relay.

We need to apply the security for this service so that end points are secured. Could someone please confirm whether all we need to do is below?

<security mode="Transport" relayClientAuthenticationType="RelayAccessToken" />
    ....
    <tokenProvider>
      <sharedAccessSignature keyName="WebServiceCaller" key="XXX" />
    </tokenProvider>

I've seen few example of on net using below and with token expiry etc. on client side code:

TokenFactory tf = new TokenFactory(
    string.Format("{0}-sb", serviceNamespace),
    issuerName, 
    issuerKey);

Just want to confirm the we are not missing anything that has security impact.

Just checked into a couple of your questions and it seems you always add "Thanks" to them. This is against the guidelines for SO. http://meta.stackexchange.com/a/3021/178881 — jessehouwing, Mar 16 '15 at 12:38

score 0 · Accepted Answer · answered Mar 07 '15 at 17:49

0

That is correct configuration.

Most common use is TokenProvider.CreateSharedAccessSignatureTokenProvider if you need to add it to your endpoint.

answered Mar 07 '15 at 17:49

Petar Vučetin

3,555
2
22
31

did you mean we need to use CreateSharedAccessSignatureTokenProvider on top of out of box RelayAccessToken? – Nil Pun Mar 07 '15 at 22:10
I was not suggesting adding anything extra. I was referring to TokenFactory. – Petar Vučetin Mar 08 '15 at 04:53

How to secure Azure Relay Service Bus Endpoint

1 Answers1