In the .NET Framework 3.5, WCF only allows a limited set of scenarios to execute in partial trust. Ideally, you would like to tap into the full power of WCF from distributed transactions to reliable calls to various security credential types without trading off CAS—that is, without resorting to full trust.

In the April 2008 issue of MSDN Magazine, Juval Lowy discussed support for code access security in WCF, and demonstrating a solution for enabling partially trusted clients of WCF services.

In the July 2008 installment of the Foundations column, Juval completes the picture by implementing partially trusted services and partially turreted hosts.

You can browse the code for Part 1 and Part 2 online.

See the MSDN Magazine archives for more articles on security.