Questions tagged [wcf-security]

Questions related to the authentication and authorization services for Windows Communication Foundation (WCF) applications

Windows Communication Foundation is Microsoft's implementation of the WS-* web service specifications. Its security functionality mainly deals with authentication, authorization and secure over-the-wire transmission of user credentials.

When setting up WCF Security for an application, the following parameters need to be configured:

The type of credential required, e.g. NTLM, plaintext, or certificate authentication
The security mode: transport mode (e.g. SSL), message mode (SOAP message security), or a combination of both
Which endpoint(s) are protected

Once a client successfully connects to an endpoint protected with WCF Security, the server application can examine the security context to determine the identity of the client and to determine its authorizations (which need to be configured separately).

1285 questions

votes

1 answer

What is difference in terms of security of WCF & ASMX service

i am starter for WCF. so i am looking for good write up which explain in detail what is difference in terms of security of WCF & ASMX service like how many way we can provide security for ASMX & WCF and what kind of security can be given to wcf but…

wcf asmx wcf-security

asked Jul 25 '14 at 07:22

Thomas

33,544
126
357
626

votes

0 answers

Implementing SSL in WCF

I have a small question about SSL implementation with Transport security in wcf. What i understood from Research is, First client makes a request to WCF via https. Server will send a public key to client. Client uses this public key and encrypts…

wcf ssl wcf-security transport-security

asked Jul 25 '14 at 03:24

Sukesh Marla

votes

1 answer

Certificate issue on console host and windows service host

I have a wcf service that is hosted on windows service and console host. and for some security reasons I'm using certificates. certificate is installed on the client machine correctly. I use both console host (for Test) and windows service host. as…

c# wcf windows-services wcf-security

asked Jul 21 '14 at 04:15

H.A

votes

3 answers

How to secure a WCF service using NetNamedPipesBinding so that it can only be called by the current user?

I'm using a WCF service with the NetNamedPipesBinding to communicate between two AppDomains in my process. How do I secure the service so that it is not accessible to other users on the same machine? I have already taken the precaution of using a…

wcf wcf-security netnamedpipebinding

asked Mar 19 '10 at 12:57

Samuel Jack

32,712
16
118
155

votes

1 answer

How to secure the MVC4 ASP.NET and WCF dll?

I have a project that has a WCF service project and MVC project which contains everything of MVC in my solution. I would like to know how to secure this dll as I would be exposing it or sharing this to some team, where my client asked me to secure…

asp.net asp.net-mvc security asp.net-mvc-4 wcf-security

asked Jul 02 '14 at 04:02

Jasmine

5,186
16
62
114

votes

1 answer

Add extra parameter to every WCF call

We have WCF services (web hosted in IIS) separatd by domains. We added some claim based security by adding ClaimsAuthorizationManager and overriding the CheckAccess method. Basicaly, we check if the ClaimsPrincipal have the permission needed to…

wcf testing wcf-security claims

asked Jun 19 '14 at 13:40

Patrice Cote

3,572
12
43
72

votes

1 answer

The caller was not authenticated by the service. Using wsHttpBinding and Already passing credentials

I went through the other posts on the site, but none could help me. So here is the error description that i get. The caller was not authenticated by the service. INNER EXCEPTION: System.ServiceModel.FaultException: The request for security token…

.net wcf security wcf-binding wcf-security

asked Jun 17 '14 at 16:00

Nanu

3,010
10
38
52

votes

1 answer

WCF Transport security over NetTcpBinding and NTLM: is server certificate needed for encryption?

WCF Transport security over NetTcpBinding is based on TLS-over-TCP. In my understanding TLS-over-TCP needs a certificate for TLS handshaking to exchange a shared secret. While in Windows workgroup, NTLM provides mechanism to exchange a shared secret…

wcf-security ntlm

asked Jun 09 '14 at 20:06

sz9

votes

1 answer

Authentication mobile apps function call with WCF Service

I have just started to create WCF Service for my mobile apps. Currently I have Multiple project in Single Solution. Main Web-Site Project Edmx project WCF lib project Authentication function public List Authenticate(string…

asp.net-mvc wcf wcf-security

asked May 15 '14 at 08:34

10K35H 5H4KY4

1,496
5
19
41

votes

1 answer

WCF: Invalid Security Header

Usually when I consume a web service I add a service reference, put in the URL for the WSDL, and then finagle my way through the API's. This time around I get a FaultException with the message: "Invalid security header". Here is my…

wcf .net-4.0 wcf-binding wcf-security fiddler

asked May 14 '14 at 13:41

micahhoover

2,101
8
33
53

votes

0 answers

WCF Windows authentication with netTcp binding. How to log SecurityNegotiationException on the server?

Usually on the WCF server side I would inherit BehaviorExtensionElement and add IServiceBehavior, which in turn would add IErrorHandler to all ChannelDispatchers to log all unhandled exceptions. It works just fine for all the exceptions but this:…

windows wcf authentication logging wcf-security

asked May 09 '14 at 17:06

dnk.nitro

votes

1 answer

Configuring a local network for WCF Security modes

I have several machines connected through a wireless router. When I build a WCF Service in one of the machines with "Security mode = 'None'", then I don't have any problem building client applications that access and use that service from other…

wcf wcf-security

asked May 01 '14 at 17:56

Rafael

2,413
4
32
54

votes

2 answers

WCF Service Authentication. Error is never returned when credentials is wrong

I am writing a quite simple WCF-service with username/password authentication. My code for the username/password validator looks like this: public class InvoiceServiceUserValidation : UserNamePasswordValidator { public override void…

c# wcf wcf-security

asked Apr 30 '14 at 07:38

sarcophilus

votes

1 answer

My self hosted service doesn´t authenticate a remote client (netTcpBinding, MessageSecurity Basic 128)

I have a self hosted service, it includes an endpoint that uses NetTcpBinding with message level security (Basic128). This service can be successfully added and accessed from a client located in the same machine But if I build a client in a remote…

wcf wcf-security

asked Apr 26 '14 at 15:56

Rafael

2,413
4
32
54

votes

1 answer

Is an exported SSL cert required for a client of a WCF application?

I have a WCF application that is configured for transport security only. The web server hosting that application has an SSL cert installed for that app. A customer is building their own client to consume the WCF services. Their development team is…

wcf wcf-security

asked Apr 21 '14 at 19:23

Stoop

1,235
3
17
23

Prev 1 2 3

…

85 86 Next