patterns & practices Improving Web Services Security Guide

New Comment on "How To - Host WCF in a Windows Service Using TCP"

mabra — Mon, 11 Mar 2013 22:21:19 GMT

Hi ! Is at not simple ?? A simple example should and could have a simple download :-( ++mabra

Source code checked in, #80132

Project Collection Service Accounts — Mon, 01 Oct 2012 21:49:39 GMT

Upgrade: New Version of LabDefaultTemplate.xaml. To upgrade your build definitions, please visit the following link: http://go.microsoft.com/fwlink/?LinkId=254563

Source code checked in, #80131

Project Collection Service Accounts — Mon, 01 Oct 2012 21:43:10 GMT

Checked in by server upgrade

Reviewed: WCF Security Guide - v1 (Sep 25, 2012)

vchandm23 — Wed, 26 Sep 2012 04:08:43 GMT

Rated 5 Stars (out of 5) - Exactly what I was looking for. Book to be in every WCF developer's shelf. Cheers, Chandra

New Comment on "Ch 13 - Internet – WCF and ASMX Client to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)"

markusmr — Fri, 25 Nov 2011 12:24:06 GMT

How can Basic Authentication be called best practice?

Reviewed: WCF Security Guide - v1 (nov 23, 2011)

lesuarezp — Wed, 23 Nov 2011 14:26:18 GMT

Rated 5 Stars (out of 5) - gracias por el aporte

New Post: Why Federation and Claims Authorization are out of scope?

EmreAydinceren — Wed, 14 Sep 2011 15:48:48 GMT

I don't understand why Federation and Claims Authorization are left out of scope? They are important parts of Microsoft's Enterprise Web Service security strategy.

New Comment on "How To - Use SQL Role Provider with Username Authentication in WCF calling from Windows Forms"

manjinderenest — Mon, 13 Jun 2011 04:57:20 GMT

I have followed same instruction but after that when i call WCF service method with PrincipalPermission. I have got this error "Request for principal permission failed." can any body help me to solve this problem..

New Comment on "Ch 05 - Authentication, Authorization and Identities in WCF"

sukumarraju — Fri, 13 May 2011 14:53:51 GMT

Stand alone WCF service, which can authenticate multiple clients and authorize against ASP.NET Membership database. As client applications grow the same ASP.NET Membership database can be used by simply configuring the Membership sections in WCF web.config and end point , so that new client can utilise service methods to authenticate & authorize end user. The plumbing work is in WCF service configuraiton. Is there any good article that can walk through the scenario, failed to configure End Point configuration behavior because it has to be End Point Behavior instead of Service Behavior configuration. Unfortunately there is nothing in End point configuration for use Membershipx.

New Comment on "Ch 13 - Internet – WCF and ASMX Client to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)"

cxksnl — Mon, 07 Mar 2011 21:58:59 GMT

I have the same problem as above. Is there anyone add the reference successfully? I followed the code and it went through AuthenticateRequest several times...

New Comment on "Ch 06 - Impersonation and Delegation in WCF"

mhidalgo — Thu, 25 Nov 2010 21:22:52 GMT

Hi, Great article I have a question :What if I want to set network credentials in the client side, for example If I host the WCF service in IIS, so I created a proxy to consume this service. I set network credentials to consume the service. I have a question for you: How can I read this values in the Service side? Thanks

Reviewed: WCF Security Guide - v1 (Nov 18, 2010)

BrianAtCodePlex — Thu, 18 Nov 2010 20:22:15 GMT

Rated 5 Stars (out of 5) - This is this best reference for securing wcf services. A must read for anyone working with wcf.

Reviewed: WCF Security Guide - v1 (Nov 18, 2010)

BrianAtCodePlex — Thu, 18 Nov 2010 20:18:45 GMT

Rated 5 Stars (out of 5) - This is this best reference for securing wcf services. Secure your web services!

New Comment on "Ch 13 - Internet – WCF and ASMX Client to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)"

alusov — Tue, 07 Sep 2010 03:29:37 GMT

Hi! I have a question about this article. What is the min requrements for this sample. I have been trying this for 2 days. I use iis 5.1, XP SP3, VS2008. The problem is that I can't add a reference on web service in client in Visual Studio. I see the dialog with login and password, input them and continue to see this dialog. In IE 8.0 everything work fine. I assume that maybe the problem is connected with HTTP in IHttpModule. Could you please help me with it. Thanks.

Reviewed: WCF Security Guide - v1 (sep 04, 2010)

Emilca — Sat, 04 Sep 2010 19:31:27 GMT

Rated 3 Stars (out of 5) - bueno WCF

Source code checked in, #55373

_TFSSERVICE — Mon, 02 Aug 2010 22:49:34 GMT

Checked in by server upgrade

New Comment on "Ch 05 - Authentication, Authorization and Identities in WCF"

JCM219 — Sun, 18 Jul 2010 16:14:17 GMT

Thanks!

New Post: Using Winfows authentication for TcpTrasnport, CustomBinding, CustomEncoder

maheshbhide — Mon, 12 Jul 2010 17:39:12 GMT

I am trying to find an example/information where WCF uses TcpTransport, Custom Binding, Custom encoder (gzip) and Windows Authentication. Any example or information is very much appreaciated.

Thanks

New Comment on "Use a Custom Trace Listener only when message filtering is needed"

alhambraeidos — Fri, 09 Apr 2010 11:38:41 GMT

Hi, any sample code of YourCustomListener ?? thanks

New Post: webHttpBinding?

slavoingilizov — Mon, 01 Feb 2010 16:12:37 GMT

mtc900 wrote:
Is there no guidance on using the new webHttpBinding? In particular I am trying to offer basic username/password authentication against a custom user database while hosted in IIS but am unable to find a workable solution.

Second that. Still no info about this?