In Windows Communication Foundation, we can configure to use security at different levels
- Transport Level security.
- Message Level Security
Transport Level security.:-
Transport Level security means providing security at the transport layer itself. When dealing with security at Transport level, we are concerned about integrity, privacy and authentication of message as it travels along the physical wire. It depends on the binding being used that how WCF makes it secure because most of the bindings have built-in security.<netTcpBinding>
<binding name=”netTcpTransportBinding”>
<security mode=”Transport”>
<Transport clientCredentialType=”Windows” />
</security>
</binding>
</netTcpBinding>
Message Level Security.:-
For Tranport level security, we actually ensure the transport that is being used should be secured but in message level security, we actually secure the message. We encrypt the message before transporting it.<wsHttpBinding>
<binding name=”wsHttpMessageBinding”>
<security mode=”Message”>
<Message clientCredentialType=”UserName” />
</security>
</binding>
</wsHttpBinding>
It totally depends upon the requirements but we can use a mixed security mode also as follows:
<basicHttpBinding>
<binding name=”basicHttp”>
<security mode=”TransportWithMessageCredential”>
<Transport />
<Message clientCredentialType=”UserName” />
</security>
</binding>
</basicHttpBinding>
In this above post I explained how to use security at different levels in WCF service. I hpe you enjoyed it so please send your feedback and queries. Thnak You.
No comments:
Post a Comment