Summary

You learned the essentials of WCF security in this chapter. We discussed the following concepts in detail:

• WCF security is based on four important concepts: authentication, authorization, integrity, and confidentiality.

• You can utilize WCF security at the transport layer, message layer, or at both the transport and message layer (mixed). These are commonly referred to as modes.

• Transport-layer security depends on the transport (specifically, SSL) to protect the communication between the client and the service. This method is faster. However, the credential types supported in WCF are limited (in other words, no rich SAML tokens). The messages can also be vulnerable in the recipient's domain after the messages leave the SSL gateway.

• Message-level security is slower than transport mode. However, the developers can use a rich set of credentials. Message mode will guarantee the message will get to the receiver without being exposed at transport level. Therefore, it supports n-ton security.

• Mixed mode supports integrity and confidentiality at the transport layer. Authentication and authorization are achieved at the message layer

• WCF also supports federated claims and Windows CardSpace. WCF uses CardSpace as a client credential type. Both personal cards and provider cards are supported.

• WCF also enables authorization at the Windows level and will support multiple membership providers as role providers. It also supports a comprehensive auditing and tracing API.

Now you are familiar with the security features of WCF. The next chapter discusses reliable messaging and how it is implemented in WCF. Reliable messaging is an important concept in distributed computing. It will enable reliable communication channels between multiple enterprises (on heterogeneous platforms) with failover mechanisms.