WCF Security using Certificates/Configuration Files
srinivas akella
I would like to know the best way to implement security for WCF
services.
Please suggest the ways to meet the below requirements.
(i) How to secure the services with out writing the security code in
built in to each of the services. How the WCF engine addresses this
aspect? The solution should be non-intrusive. i.e. security should be
enforced using configuration file only.
(ii) How to introduce different ports/end points in to a WCF
service. For a service having different ports/end points meant for
different consumers, how do we apply security? For example, other
applications being integrated with my application will have different
access permissions.
(iii) How do we debug and monitor the messages the coming in and going
out of services? - This should help us in testing the security aspects
of the solution - to check whether appropriate security tokens are
being inserted in to each message ot not.
Thanks,
Srinivas Akella