none
how to protect service hosted in windows service ? RRS feed

  • Question

  • hi...

    I have created one wcf service and hosted it in the windows service and it is working .... i'm using wsHttpBinding  .

    but there is no security ... any one know the URL can uses the service ...

    how to protect wcf in this case ?

    i need some kind of username and password kind of thing ... like asp.net application .

    Saturday, October 5, 2013 9:38 PM

Answers

  • Hi helloWorld944,

    No matter you host WCF service via IIS server or custom application (like winform, windows service, console, etc...), you have the same options to secure your service. It just depend on the binding you've selected for your service (such as basicHttpBinding, wsHttpbinding, netTcpBinding, etc...). And WCF supports two security mode, transport layer security and message layer security. Transport layer security relies on the security infrastructure of transport protocols (the selected WCF binding based on). While message security is completely implemented at WCF's SOAP message layer (via WS-* specs). Both ones provide options to add username/password based authentication to WCF service. Here are some reference for your information:

    #Transport Security
    http://msdn.microsoft.com/en-us/library/ms733043.aspx

    #Message Security in WCF
    http://msdn.microsoft.com/en-us/library/ms733137.aspx

    and you can take a look at the common security scenarios of how we can secure a WCF service:

    #Common Security Scenarios
    http://msdn.microsoft.com/en-us/library/ms730301.aspx


    <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
    Thanks
    MSDN Community Support

    Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.

    Monday, October 7, 2013 3:35 AM
    Moderator

All replies