WCF 4 Security Modes with examples

WCF 4 Security Modes with examples
In this article i will explain the security modes in Windows Communication Foundation WCF 4.0.This security modes are an important part of WCF 
Many WCF services will require secure communication, where it is necessary to authenticate the sender of a message, and to ensure that messages have not been read or tampered with by unauthorized third parties. WCF can provide authentication, privacy, and integrity for messages by using two mechanisms

WCF Security Modes can be asked in Interview Questions.
WCF 4 Interview Questions with Answers
The Security Modes are stated below
1.Transport Mode
2.Message Mode
3.Mixed Mode
Let us now explain each one of them in details

1.Transport Mode 
Transport mode, which uses the security features of a transport layer such as HTTPS. This mode has performance benefits due to the optimized nature of the underlying protocols, but it has a restricted set of credential or claim types. This mode also only works between two transport endpoints
2.Message Mode
Message mode, which protects the message itself by using a protocol such as WS-Security. Credential information is embedded within the message so that this mode can support a richer set of claim types at the expense of performance. This mode provides end-to-end security for the message.
3.Mixed Mode 
WCF also supports a mixed mode, where integrity and privacy are provided by the transport, while authentication is handled by using credentials in the message. This can give the best balance of performance and flexibility.
You can specify the security for a binding by setting its SecurityMode property.
By default, the BasicHttpBinding has no security configured. Other HTTP bindings use WS-Security, and TCP and Named Pipe bindings use Windows security

2 comments: