WCF Security Guidance Project

The patterns & practices team at Microsoft has put together their first release of guidance for WCF security. They've included how-to guides and videos that walk you through a number of security tasks, such as working with certificates and configuring role providers. The overall guide is still under development so these represent individual modules that are being published as they're completed.

Here's what's currently available:

• How To - Create and Install Temporary Certificates in WCF for Message Security During Development
• How To - Create and Install Temporary Certificates in WCF for Transport Security during Development
• How To - Impersonate the Original Caller in WCF calling from Web Application
• How To - Impersonate the Original Caller in WCF calling from Windows Forms
• How To - Use netTcpBinding with Windows Authentication and Transport Security in WCF from Windows Forms
• How To - Use SQL Role Provider with Username Authentication in WCF calling from Windows Forms
• How To - Use SQL Role Provider with Windows Authentication in WCF calling from Windows Forms
• How To - Use Username Authentication with the SQL Membership Provider and Message Security in WCF from Windows Forms
• How To - Use wsHttpBinding with Windows Authentication and Message Security in WCF from Windows Forms
• How To - Use wsHttpBinding with Windows Authentication and Transport Security in WCF calling from Windows Forms
• Video: How To - Host WCF in a Windows Service (Length: 2:45 - Size: 1.2MB)
• Video: How To - Impersonate the Original Caller in WCF calling from a Windows Form (Length: 2:15 - Size: 1MB)
• Video: How To - Use basicHttpBinding with Certificate Authentication from Windows Forms (Length: 2:38 - Size: 1.1MB)
• Video: How To - Use netTcpBinding with Windows Authentication and Message Security (Length: 1:55 - Size: 1.5 MB)
• Video: How To - Use SQL Role Provider with Username Authentication in WCF calling from Windows Forms (Length: 3:28 - Size: 1.8MB)
• Video: How To - Use WsHttpBinding with Certificate Authentication with Message Security (Length: 1:01 - Size: 757KB)
• Video: How To - Use WsHttpBinding with Windows Authentication with Message Security (Length: 1:41 - Size: 781kb)
• Video: How To - Create and Install temporary Certificates in WCF for Transport Security during Development (Length: 3:45 - Size: 2.3MB)
• Video: How To - Create and Install temporary Certificates in WCF for Message Security during Development (Length: 3:40 - Size: 2.3MB)
• Intranet - Web App to Remote WCF to SQL Server - Original Caller
• Intranet - Web App to Remote WCF to SQL Server - Trusted Subsystem
• Intranet - Web App to Local WCF to SQL Server - Original Caller
• Internet - Web App to Remote WCF to SQL Server - Original Caller