patterns & practices Improving Web Services Security Guide

	patterns & practices Improving Web Services Security Guide

CodePlex
Open Source Community

Home

RSS

All Project Updates

Discussions

Issue Tracker

Releases

Reviews

Source Code

Wiki & Documentation

RSS

View All Comments | Print View | Page Info | Change History (all pages)

Home

patterns & practices Improving Web Services Security - Now Released

Welcome to the patterns & practices Improving Web Services Security: Scenarios and Implementation Guidance for WCF project site! This guide shows you how to make the most of WCF (Windows Communication Foundation). With end-to-end application scenarios, it shows you how to design and implement authentication and authorization in WCF. Learn how to improve the security of your WCF services through prescriptive guidance including guidelines, Q&A, practices at a glance, and step-by-step how tos. It's a collaborative effort between patterns & practices, WCF team members, and industry experts. This guide is related to our WCF Security Guidance Project.

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

Download the Guide

Released version posted on August 1st. Start using the guide today!

Download the Improving Web Services Security Guide - Release v1

Parts

Part I, "Security Fundamentals for Web Services"
Part II, "Fundamentals of WCF Security"
Part III, "Intranet Application Scenarios"
Part IV, "Internet Application Scenarios"

Forewords

Chapters

Part I, Security Fundamentals for Web Services

Part II, Fundamentals of WCF Security

Part III - Intranet Application Scenarios

Part IV - Internet Application Scenarios

Checklist

WCF Security Checklist

Guidelines

WCF Security Guidelines

Practices

WCF Security Practices at a Glance

Questions and Answers

WCF Questions and Answers (Q&A)

How Tos

Resources

WCF Security Resources

Team

Core Team: J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher
Contributors and Reviewers

Feedback

Send mail to WCFSec@microsoft.com
Post comments on the Discussions page.
Fill out our questionaire and send the answers to WCFSec@microsoft.com

Community

Guidance Share

Last edited Aug 28 2008 at 1:12 AM by mycodeplexuser, version 44

76 people are following this project (follow)

Download

Microsoft patterns & practices License for WCF Security Guide

This license governs use of the accompanying software. If you use the software, you accept this license. If you do not accept the license, do not use the software.

1. Definitions

The terms “reproduce,” “reproduction,” “derivative works,” and “distribution” have the same meaning here as under U.S. copyright law.

A “contribution” is the original software, or any additions or changes to the software.

A “contributor” is any person that distributes its contribution under this license.

“Licensed patents” are a contributor’s patent claims that read directly on its contribution.

2. Grant of Rights

(A) Copyright Grant - Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free copyright license to reproduce its contribution, prepare derivative works of its contribution, and distribute its contribution or any derivative works that you create.

(B) Patent Grant - Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free license under its licensed patents to make, have made, use, sell, offer for sale, import, and/or otherwise dispose of its contribution in the software or derivative works of the contribution in the software.

3. Conditions and Limitations

(A) No Trademark License - This license does not grant you rights to use any contributors’ name, logo, or trademarks.

(B) If you bring a patent claim against any contributor over patents that you claim are infringed by the software, your patent license from such contributor to the software ends automatically.

(C) If you distribute any portion of the software, you must retain all copyright, patent, trademark, and attribution notices that are present in the software.

(D) If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license.

(E) The software is licensed “as-is.” You bear the risk of using it. The contributors give no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this license cannot change. To the extent permitted under your local laws, the contributors exclude the implied warranties of merchantability, fitness for a particular purpose and non-infringement.

(F) Platform Limitation - The licenses granted in sections 2(A) & 2(B) extend only to the software or derivative works that you create that run on a Microsoft Windows operating system product.

(G) Microsoft Corporation (“Microsoft”) is the contributor of the original software. If you give Microsoft any feedback about the software, you give to Microsoft, without charge, the right to use, share and commercialize your feedback in any way and for any purpose. You also give to third parties, without charge, any patent rights needed for their products or services to use or interface with any specific parts of Microsoft’s software or services that include the feedback. You will not give feedback that is subject to a license that requires Microsoft to license its software or documentation to third parties because Microsoft includes your feedback in them. If Microsoft provides you any support or other services related to the software, it may collect and use technical information gathered as part of those support or services to improve its products or services or provide customized services or technologies to you. Microsoft may disclose this information to others, but not in a form that personally identifies you. The rights in this section 3(G) survive this agreement.

Revised Dec. 2006

Current	WCF Security Guide - v1
Date	Fri Aug 1 2008 at 8:00 AM
Status
Rating	16 ratings 65966 downloads
More	View all downloads

Recent reviews (more)

gracias por el aporte

This is this best reference for securing wcf services. A must read for anyone working w... (more)

Activity

7 30 All days

Page Views	1904
Visits	941
Downloads	314
Application Runs	N/A

View Detailed Stats