Translate This Page
Translate this page
Browse by Tags
Tagged Content List
Reliable Messaging and SecurityToken validation
One of the things that have come up many times is how the service could stop a client from retrying a request for a valid security validation error while Reliable Messaging is enabled. If you are not familiar with the situation the essence of the problem is this, Binding on the Service has Reliable...
27 Aug 2007
Security element and "actor" attribute.
SOAP 1.1 defines the attribute "actor" that can be on any SOAP header which will indicate who the ultimate processor of the header is going to be. It also defines a standard URI value for this actor attribute that is " http://schemas.xmlsoap.org/soap/actor/next " which implies that the header is intended...
17 Jul 2007
WCF Security Modes
WCF supports three types of Security. They are, Transport Security Mixed-Mode Security Message Security Let's discuss the various Security Modes below. Transport Security is applied at the transport byte stream below the message layer. The message does not have a Security header and...
7 Feb 2007
Security Header Layout
There are four different security header layout that can be specified in WCF. The values are defined in WS-SecurityPolicy. They are, Strict - All security tokens are defined in the security header before its first use. The primary signature should be specified before any endorsing signatures. ...
22 Jan 2007
Federation and Bearer Tokens
The latest WS-Trust spec (yet to be ratified by OASIS) introduces a concept called Bearer Tokens. This basically is a keyless token that a client requests from an STS (Security Token Service). The only purpose this token serves is to provide more information about the client to the service while the...
22 Nov 2006
Re-Serialize SAML token
In a Federation Scenario a client might want to access the services by using a SAML token that was issued to it by a STS. The service in turn might have to call other services (like a intermediary) to fulfill the request. When calling the backend service the service might want to use the SAML token that...
24 Oct 2006
As you are moving to Web Services world one of the buzz words that you will hear time and again is "Federation". This is simply a security scenario that involves 3 parties to secure a Message. The 3 parties in the scenario are, Client Security Token Service (STS) Target Service This is...
18 Oct 2006
Web Services Message Security has the concept of Primary and Supporting Tokens. The Primary token is the main token that provides security to the message. This signs the message body and other headers as required and serves as the main identity token for the sending party. There is also a concept of...
16 Oct 2006
WCF Encrypts Signatures by default in Message Security
When you are building your application with security enabled you will see that all your signatures are encrypted by default. This was not the default in WCF Beta 1. As you would expect this did result in a significant performance penalty. The message protection order in Beta 1 was to Sign before Encrypt...
10 Oct 2006
Using Binary Encoding in WCF
I recently had a question from someone on using Binary Encoding and how performance of their application relates to that. My answer was it depends...it depends on what is in your message body and if you are using message security or transport security. Before talking about binary encoding, the first...
9 Oct 2006
Page 1 of 1 (10 items)
© 2013 Microsoft Corporation.
Privacy & Cookies