Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Message Security   (RSS)
Thursday, October 29, 2009 5:00 AM

Federating from Silverlight

I've had a few people ask whether the WCF subset in Silverlight supports message-level security. The answer currently is not very much. The security support is limited to basically the facilities that you'd expect to have for any other browser based application,
Posted by Nicholas Allen | 0 Comments
Wednesday, July 15, 2009 5:00 AM

Load Balanced Web Service Bindings

What options can I use with WSHttpBinding to make it friendlier to load balancing? The primary difficulty encountered when using WSHttp with a load balancer is that WSHttp is easy to configure to produce application-level sessions between the client and
Posted by Nicholas Allen | 0 Comments
Wednesday, March 11, 2009 5:00 AM

SAML Client Credentials

Dominick Baier put up an article yesterday showing how to use client generated SAML tokens for providing client credentials. This is more a demonstration of the capabilities of Geneva for credential and claim handling than a practical code library to
Posted by Nicholas Allen | 0 Comments
Wednesday, January 07, 2009 5:00 AM

Updates to Reliable, Secure, and Transacted Standards Close to Approval

Updated versions of the standards for reliable message, message security, and distributed transactions have completed public review and are headed to a final vote. I expect all of these standards updates to be approved and see official publication of
Posted by Nicholas Allen | 0 Comments
Monday, October 06, 2008 5:00 AM

Common Problems Composing Security with Streaming

Security and streaming are two features that often do not get along with each other. Although the concepts are not inherently in conflict, their implementations often do things that cause problems for the optimal execution of the other. You may have seen
Posted by Nicholas Allen | 1 Comments
Wednesday, August 06, 2008 5:00 AM

WCF Security Guide Released

If you've been following along, I have mentioned the WCF security guide project being worked on in the patterns and practices team a few times now. After months of drafts and betas, the complete guide is now ready for official release. The WCF security
Posted by Nicholas Allen | 1 Comments
Wednesday, July 23, 2008 5:00 AM

Help with Security Programming

Security programming today tends to contain large amount of plumbing code to handle the modeling, management, and evaluation of identities. An identity is the basis of many common security operations, such as authentication, personalization, authorization,
Posted by Nicholas Allen | 1 Comments
Tuesday, June 24, 2008 5:00 AM

Security Session Inactivity

What does the InactivityTimeout on a secure channel do? The inactivity timeout on a message security channel controls how long the channel will allow pending security sessions to linger in its cache before giving up on them. This is completely different
Posted by Nicholas Allen | 0 Comments
Thursday, June 05, 2008 5:00 AM

Improving Web Services Security Beta Guide

The WCF Security Guide content that I've mentioned a few times before is now done with early drafts and has been rolled up into a beta release of the full book. There's a ton of content in the real thing on top of what you've been seeing in the drafts.
Posted by Nicholas Allen | 1 Comments
Tuesday, May 06, 2008 5:00 AM

Updates to WCF Security Guidance

After the first announcement for the WCF Security Guidance Project , the amount of content has grown tremendously. Here's a summary of what's new over the last month. Seven new application scenarios: Intranet - Web to Remote WCF Using Transport Security
Posted by Nicholas Allen | 1 Comments
Tuesday, April 29, 2008 5:00 AM

Messaging Additions in Orcas, Part 2

Continuing on with the theme of messaging additions in Orcas, today I'll look at some more of the protocols and community-driven features that were added. WS Atomic Transaction 1.1 . Transactions tie together multiple participants in a distributed application.
Posted by Nicholas Allen | 2 Comments
Monday, March 31, 2008 5:00 AM

WCF Security Guidance Project

The patterns & practices team at Microsoft has put together their first release of guidance for WCF security . They've included how-to guides and videos that walk you through a number of security tasks, such as working with certificates and configuring
Posted by Nicholas Allen | 3 Comments
Monday, March 10, 2008 5:00 AM

Configuring Protection Level

Is it possible to configure the protection level for message parts at runtime? Only certain configurations make doing this particularly easy. When using transport security with Windows credentials, the WindowsStreamSecurityBindingElement allows you to
Posted by Nicholas Allen | 5 Comments
Friday, March 07, 2008 5:00 AM

Customizing Exceptions for Validation

How do I customize the exception text sent back from a custom password validator? If you've looked at the documentation for UserNamePasswordValidator, then the instructions tell you to implement the validator by overriding the Validate method and throwing
Posted by Nicholas Allen | 4 Comments
Monday, February 18, 2008 5:00 AM

Scopes of Encryption

This article is primarily an introduction on protecting message data since the topic overall seems to cause some confusion. The source of confusion is what it means for a service to define a contract for protecting data. Data protection flows from two
Posted by Nicholas Allen | 1 Comments
More Posts Next page »
 
Page view tracker