Questions tagged [wcf-security]

Questions related to the authentication and authorization services for Windows Communication Foundation (WCF) applications

Windows Communication Foundation is Microsoft's implementation of the WS-* web service specifications. Its security functionality mainly deals with authentication, authorization and secure over-the-wire transmission of user credentials.

When setting up WCF Security for an application, the following parameters need to be configured:

The type of credential required, e.g. NTLM, plaintext, or certificate authentication
The security mode: transport mode (e.g. SSL), message mode (SOAP message security), or a combination of both
Which endpoint(s) are protected

Once a client successfully connects to an endpoint protected with WCF Security, the server application can examine the security context to determine the identity of the client and to determine its authorizations (which need to be configured separately).

1285 questions

votes

1 answer

The remote certificate is invalid according to the validation procedure. WCF Error

we have recently change one of our .asmx service to .svc the issue we are facing is we are unable to call the service from : 1. an application hosted on the same server as the .svc 2. an application hosted on different server then .svc it gives the…

wcf wcf-binding wcf-security

asked Mar 25 '15 at 18:53

user3363495

votes

1 answer

0x800b0110 ("The certificate is not valid for the requested usage".) Error in IIS 8 Windows server 2012

In the Server I have configured a intermediate certificate .pfx file in the IIS and created a https (443) port using binding option. I use certificate for Authorisation also I am expecting a client certificate from the client , I enabled the Require…

iis client ssl-certificate wcf-security restful-authentication

asked Mar 09 '15 at 05:24

Sivasu

votes

1 answer

How can i design a challenge/response authentication for soft token-based mechanism in C#?

I want to design a secure connection between a client and a server. in this scenario, at the first, client send its credentials to server ,then server corresponded this information, make a soft-token and send to the client. since then, the client…

c# cryptography token wcf-security

asked Mar 06 '15 at 21:35

Morteza Kardoust

votes

1 answer

Is WCF affected by FREAK attack?

There is new attack named as FREAK Is WCF affected by FREAK attack? As I understood from this question there is no way how to programmatically specify allowed cipher in WCF.

wcf ssl wcf-security man-in-the-middle

asked Mar 05 '15 at 11:09

Yuriy

2,670
6
33
48

votes

1 answer

Get custom "IIdentity and IPrincipal" client from WCF Service

I have a custom IIdentity called MyIdentity, and custom IIprincipal called MyPrincipal. These classes are used in three different projects: ASP.NET MVC ASP.NET WebForms Windows Forms These three projects get information from a WCF Service. It is…

c# wcf wcf-security iprincipal iidentity

asked Mar 04 '15 at 18:05

JaimeCamargo

votes

1 answer

What is the best way to check for credentials in wcf service?

I need to write a WCF Service which takes one input parameter and based on this input parameter,there will be a business logic and it returns a true or false. Now to have authorization to use this service,i need to check for credentials also. What…

wcf wcf-security

asked Mar 04 '15 at 12:33

Santosh

2,355
10
41
64

votes

0 answers

How to secure ajax enabled wcf services from jquery client access in asp.net

I looked at many solution for basic authentication but i failed to understand. So please help me to solve this problem. Here is my code which call wcf service $.ajax({ url: "Ajaxservices/Activity.svc/getMaterials", dataType: 'json', contentType:…

jquery asp.net wcf-security

asked Feb 26 '15 at 08:21

sheshadri

1,207
9
21

votes

1 answer

Make WCF call ClaimsAuthenticationManager.Authenticate only once per session

I setup a custom ClaimsAuthenticationManager for my wcf service. Now I found out that the method ClaimsAuthenticationManager.Authenticate is executed for each and every wcf call. Instead I want to have it executed once per session to avoid…

wcf wcf-binding wcf-security claims-based-identity wcf-sessions

asked Feb 21 '15 at 17:06

driAn

3,245
4
41
57

votes

1 answer

User Authentication in BizTalk Published Orchestration as WCF-WSHttp

I have published an orchestration as a WCF web service using WCF_WSHttp bindings. I think we about the SSL certificate working. It will be open to the internet, thus anyone who knows the URL could call it and pass data; so we want to add user/pass…

biztalk wcf-security biztalk-2010

asked Feb 09 '15 at 18:05

NealWalters

17,197
42
141
251

votes

1 answer

Secured WCF service timing out on 2nd invocation of client channel

We have a secured & authenticated WCF service which cannot use service references. Thus, we provide the interface for the contracts and open client channel manually. We have found out that as long we open it once, everything works fine. We can call…

asp.net wcf wcf-security

asked Jan 26 '15 at 13:59

this

1,406
11
23

votes

2 answers

WCF: Using Multiple Authentication Schemes on same endpoint

I have a WCF service which i host as a Windows Service. I need to support both Windows and NTLM authentication on the service endpoint. I came across a MSDN page which explains exactly the same with .NET 4.5, here's the…

c# .net web-services wcf wcf-security

asked Jan 14 '15 at 10:38

hemaanshu

votes

2 answers

Does WCF's reliableSession guarantee that messages are not corrupted by transport?

here's my problem. I am using WCF for communication between two services. I am wondering if the reliableSession option guarantees that a message received by one service is really the same as the message sent by the other service, i.e., that no bit…

wcf soa wcf-binding wcf-security

asked May 07 '10 at 09:47

Jan

2,480
2
17
19

votes

1 answer

WCF Could not establish trust relationship for the SSL/TLS secure channel with authority

I have deployed my WCF service in QA server with self signed certificate. My service use TransportWithMessageCredential mode with clientCredentialType="UserName" on WSHttpBinding. When I invoked the QA service from my local I got Could not…

wcf ssl wcf-security

asked Dec 15 '14 at 07:17

user3771120

votes

1 answer

Message Encryption not working with wsHTTPBinding

I can't seem to get message encryption working for wsHTTPBinding. My setup is: IIS Server Default Web Site requires SSL and is tied to a self signed certificate I used using the IIS Self signing cert link. SSL allows Certificate. In my Web.Config…

wcf ssl encryption wcf-security

asked Dec 12 '14 at 15:56

Tyddlywink

votes

0 answers

What WCF security should I choose

I'm new to WCF and got confused to choose security and authentication. Below are my requirements I'm going to publish my service on internet. I should get only user id and password from the client consuming the service. There should not be any…

wcf wcf-data-services wcf-binding wcf-security

asked Dec 12 '14 at 11:49

user3771120

Prev 1 2 3

…

85 86 Next