For this week's release in our patterns & practices WCF Security Guidance project, we added new sections to our WCF Security Application Scenarios. We added sections for analysis, code and configuration examples. The analysis section explains the rationale behind some of the decisions.
The idea behind the application scenarios is to show you a before and after look of end-to-end solutions. Rather than a single solution, we give you a set of solutions to pick from. The main parameters that vary in each solution include: Intranet vs. Internet, ASP.NET client vs. Windows Forms clients, TCP vs. HTTP, impersonation/delegation vs. trusted subsystem, and AD (domain credentials) vs. a custom user store.
WCF Security Application Scenarios
- Intranet – Web to Remote WCF Using Transport Security (Trusted Subsystem TCP)
- Intranet – Web to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)
- Intranet – Web to Remote WCF Using Transport Security (Original Caller, TCP)
- Intranet – Windows Forms to Remote WCF Using Transport Security (TCP)
- Internet – Web to Remote WCF Using Transport Security (Trusted Subsystem)
- Internet – Windows Forms Client Calling WCF Using Message Security
Note that if there's enough interest and time, we'll add a scenario that shows accessing an existing custom user store (i.e. you aren't using Membership.)
My Related Posts
- patterns & practices WCF Security Application Scenarios
- patterns & practices WCF Security Guidance Now Available
VIA : J.D. Meier's Blog