.net - What is the best way to secure a WCF service? -

-

what best way secure wcf service? should add header service calls , have message inspector on client verifies header?

i need make sure person provides correct user name , password use service , encrypted. on internet , using http binding.

if limited http take performance hit more portable.
think can encrypt , secure of http ws-security.

transport , message security modes

two main mechanisms used implement transfer security in wcf:
transport security mode , message security mode.

transport security mode uses transport-level protocol, such https, achieve transfer security. transport mode has advantage of being adopted, available on many platforms, , less computationally complex. however, has disadvantage of securing messages point-to-point.

message security mode, on other hand, uses ws-security (and other specifications) implement transfer security. because message security applied directly soap messages , contained inside soap envelopes, application data, has advantage of being transport protocol-independent, more extensible, , ensuring end-to-end security (versus point-to-point); has disadvantage of being several times slower transport security mode because has deal xml nature of soap messages.

selecting credential type

how to: authenticate user name , password


Comments

Post a Comment

Popular posts from this blog

android - getbluetoothservice() called with no bluetoothmanagercallback -

-
i getting getbluetoothservice() called no bluetoothmanagercallback error in android application. i have no idea causing or bluetooth manager callbacks. can give me idea of causing problem or start looking. by reading android source code, seems warning cannot about. source code shows if call bluetoothsocket#connect(); then call bluetoothadapter.getdefaultadapter().getbluetoothservice(null); the key here, null parameter passes in above line. due this, there no callback, , bluetoothsocket class throw out warning. since warning, not think need it. https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/bluetooth/bluetoothsocket.java line 306 https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/bluetooth/bluetoothadapter.java line 1610
Read more

sql - ASP.NET SqlDataSource, like on SelectCommand -

-
i'm working on asp.net. have sqldatasource query hardcoded on selectcommand: <asp:sqldatasource id="datasource1" runat="server" cancelselectonnullparameter="false" connectionstring="<%$ connectionstrings:s.properties.settings.connectionstring %>" selectcommand="select * [table] ([col1] case @col1_param when null col1 else @col1_param end) , ([col2] case @col2_param when null col2 else @col2_param end)" selectcommandtype="text"> <selectparameters> <asp:controlparameter controlid="textbox1" name="col1_param" propertyname="text" type="string" /> <asp:controlparameter controlid="textbox2" name="col2_param" propertyname="text" type="string" /> </selectparameters> what want if enter data on 1 textbox only, data display according textbox
Read more

ios - Undefined symbols for architecture armv7: "_OBJC_CLASS_$_SSZipArchive" -

-
i try using extractzipfile plugin @ this: https://github.com/phonegap/phonegap-plugins/tree/master/ios/extractzipfile but when compiler xcode 4.6.1 in sdk 6.1 throws error: undefined symbols architecture i386: "_objc_class_$_ssziparchive", referenced from: objc-class-ref in extractzipfileplugin.o ld: symbol(s) not found architecture i386 clang: error: linker command failed exit code 1 (use -v see invocation) i try issue @ here: undefined symbols architecture armv7 ssziparchive but shows error: /users/alienware/desktop/extractzipfile/ssziparchive/tests/ssziparchivetests.m:10:9: 'sentestingkit/sentestingkit.h' file not found i work phonegap , make app in ios, dump. update : try add ssziparchive.m compiler source , come new error: undefined symbols architecture i386: "_unzclose", referenced from: +[ssziparchive unzipfileatpath:todestination:overwrite:password:error:delegate:] in ssziparchive.o "_unzclosecurrentfil
Read more