Monday, September 17, 2007

Security in WCF


None, UserName, Windows, Certificate, and IssuedToken.

Default Security in Standard Bindings

basicHttpBinding supports the WS-I basic profile. This particular binding doesn't provide CIA by default like most of the others. The most popular way to secure this binding is by simply running over HTTPS.

wsHttpBinding uses message security by default, with WS-Security and WS-SecureConversation. The default client credential type is Windows. One of the most common security tweaks to use on this binding is to switch it to use TransportWithMessageCredential.

netTcpBinding encodes each SOAP envelope using a proprietary binary encoding of the XML Infoset instead of the traditional angle bracket encoding. By default this binding uses transport security with Windows credentials, and is very efficient. The default binding uses transport security with negotiated authentication. If you want raw speed for Web services on a Windows-based intranet, you should seriously consider using this binding.

Discovering Client Identity

By far the simplest way to discover a client's identity is to leverage Thread.CurrentPrincipal. You can see which groups the user belongs to by calling WindowsPrincipal.IsInRole. For security reasons you really should specify the fully qualified group name, which includes the domain or machine on which the group is defined.

WCF doesn't always set Thread.CurrentPrincipal. It does that only if PrincipalPermissionAttribute is used or if the configuration says it should. Instead of relying on Thread.CurrentPrincipal, you should use ServiceSecurityContext.Current.WindowsIdentity to get the client's identity if one is available.

If the client is using an issued token credential to authenticate, you'll need to use ServiceSecurityContext.AuthorizationContext to pick up those details. If the client is authenticating with a certificate not mapped to a Windows account, ServiceSecurityContext.Current.PrimaryIdentity can be used.

Transparency is important when you're building a secure system. If the security features you build into the system aren't relatively transparent, users will be put off and will generally try to avoid using them.

From Security Briefs: Security in Windows Communication Foundation by Keith Brown.


At 11:18 PM, Anonymous Anonymous said...

Its like you read my mind! You seem to understand a lot about this,
like you wrote the e-book in it or something. I think that you simply can do with
some p.c. to power the message house a little bit, but other than
that, that is fantastic blog. A great read. I will definitely be

my webpage ... calories walking calculator


Post a Comment

<< Home