Описание тега wcf-security
Questions related to the authentication and authorization services for Windows Communication Foundation (WCF) applications
Windows Communication Foundation is Microsoft's implementation of the WS-* web service specifications. Its security functionality mainly deals with authentication, authorization and secure over-the-wire transmission of user credentials.
When setting up WCF Security for an application, the following parameters need to be configured:
- The type of credential required, e.g. NTLM, plaintext, or certificate authentication
- The security mode: transport mode (e.g. SSL), message mode (SOAP message security), or a combination of both
- Which endpoint(s) are protected
Once a client successfully connects to an endpoint protected with WCF Security, the server application can examine the security context to determine the identity of the client and to determine its authorizations (which need to be configured separately).