Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is the best way to secure a WCF service?

Tags:

.net

wcf

What is the best way to secure a WCF service? Should I add a header to service calls and have a message inspector on the client that verifies the header?

I need to make sure that the person provides the correct user name and password to use the service and that everything is encrypted. It is over the internet and will be using HTTP binding.

like image 833
SO Vigilante Avatar asked Nov 15 '25 14:11

SO Vigilante

2 Answers

That depends on what you mean by "secure". You can start with SSL (https), and progress to authentication techniques if you want to authenticate clients. You really need to elaborate on your goals...

like image 69
HackyStack Avatar answered Nov 17 '25 05:11

HackyStack

You should take a look at this MSDN article, which sums up the options.

Much like a typical web application, you have several ways to secure the site:

  1. Transport security (SSL)
  2. Message security (message security header)
  3. Transport with message credentials (combined)

The answer depends on what level of security you need to use for your application. In many cases, transport security may suffice.

like image 37
Garrett Vlieger Avatar answered Nov 17 '25 04:11

Garrett Vlieger
Sign in to Comment

Related questions

Default Value when using SingleOrDefault()
Drawing Arrow between two points in ASP.NET
Graphics.MeasureCharacterRanges incorrect when TextRenderingHint.ClearTypeGridFit is enabled

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!