Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to configure secure RESTful services with WCF using username/password + SSL

Tags:

I'm looking to write a config file that allows for RESTful services in WCF, but I still want the ability to 'tap into' the membership provider for username/password authentication.

The below is part of my current config using basicHttp binding or wsHttp w/out WS Security, how will this change w/ REST based services?

    <bindings>         <wsHttpBinding>             <binding name="wsHttp">                 <security mode="TransportWithMessageCredential">                     <transport/>                     <message clientCredentialType="UserName" negotiateServiceCredential="false" establishSecurityContext="false"/>                 </security>             </binding>         </wsHttpBinding>         <basicHttpBinding>             <binding name="basicHttp">                 <security mode="TransportWithMessageCredential">                     <transport/>                     <message clientCredentialType="UserName"/>                 </security>             </binding>         </basicHttpBinding>     </bindings>     <behaviors>         <serviceBehaviors>             <behavior name="NorthwindBehavior">                 <serviceMetadata httpGetEnabled="true"/>                 <serviceAuthorization principalPermissionMode="UseAspNetRoles"/>                 <serviceCredentials>                     <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"/>                 </serviceCredentials>             </behavior>         </serviceBehaviors>     </behaviors>
like image 876
Toran Billups Avatar asked Sep 26 '08 19:09

Toran Billups

People also ask

How can I pass a username password in the header to a soap WCF service?

UserName. Password = "testPass"; In this way you can pass username, password in the header to a SOAP WCF Service.

How do I change my WCF username and password?

To configure a service to authenticate its clients using Windows Domain username and passwords use the WSHttpBinding and set its Security. Mode property to Message . In addition you must specify an X509 certificate that will be used to encrypt the username and password as they are sent from the client to the service.

What is transport security WCF?

Transport security mechanisms in Windows Communication Foundation (WCF) depend on the binding and transport being used. For example, when using the WSHttpBinding class, the transport is HTTP, and the primary mechanism for securing the transport is Secure Sockets Layer (SSL) over HTTP, commonly called HTTPS.

1 Answers

Here's a podcast on securing WCF REST services with the ASP.net membership provider:

http://channel9.msdn.com/posts/rojacobs/endpointtv-Securing-RESTful-services-with-ASPNET-Membership/

like image 60
denis phillips Avatar answered Nov 01 '22 08:11

denis phillips
Sign in to Comment

Related questions

Emacs 23 and iPython
How do I render thick 2D lines as polygons?
Ash (shell provided by busybox) tutorial [closed]
All minimum spanning trees implementation
Create a function with optional arguments in MySQL
Is there a simple "virtual file" class for .NET (c# if source is available)? [closed]
Using Game Center login to bootstrap login on remote server
How to build a secure and RESTful service in PHP?
What are Python best practices for dictionary dict key constants?
What is the preferred method for passing server data to a RequireJS module?
Stream live video from phone to phone using socket fd
How to input a null character into a web form?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!