Touching on Security


The WCF framework supports a multitude of WS-* specifications that you can take advantage of in your services without needing to know how to code for those specifications, because the framework takes care of this on your behalf.

To see an example of this, consider the VbWCF_Service1 solution from the console-application code earlier in this chapter. Take that code and modify it to add a requirement that the service makes use of WS-Security and that the client can only consume the service using WS-Security by supplying their Windows credentials as the user context. The code for this modified service is provided here:

    Imports System
    Imports System.ServiceModel
    Imports System.ServiceModel.Description

    Module Module1
        Sub Main()
            Using serviceHost As ServiceHost = New ServiceHost(GetType(Calculator))
                ' Message-level security: each SOAP message carries a WS-Security header
                Dim ntb As NetTcpBinding = New NetTcpBinding(SecurityMode.Message)
                ' Callers must present Windows credentials
                ntb.Security.Message.ClientCredentialType = _
                   MessageCredentialType.Windows
                serviceHost.AddServiceEndpoint(GetType(ICalculator), ntb, _
                   New Uri("net.tcp://192.168.1.102:8080/Calculator/"))

                ' Publish service metadata over HTTP GET
                Dim smb As New ServiceMetadataBehavior()
                smb.HttpGetEnabled = True
                smb.HttpGetUrl = New Uri("http://localhost:8000/docs")
                serviceHost.Description.Behaviors.Add(smb)

                serviceHost.Open()
                Console.WriteLine("Press the <ENTER> key to close the host.")
                Console.ReadLine()
            End Using
        End Sub
    End Module

Instead of SecurityMode.None, the binding is now created with SecurityMode.Message. This forces the SOAP message to include a WS-Security header. The next line of code specifies that the credential type the service requires is a Windows credential, set with MessageCredentialType.Windows.

Making a client reference to this service gives you a different app.config file than what you had before. Here is the <system.serviceModel> element of the app.config file:

    <system.serviceModel>
       <bindings>
          <netTcpBinding>
             <binding name="NetTcpBinding_ICalculator" closeTimeout="00:01:00"
              openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
              transactionFlow="false" transferMode="Buffered"
              transactionProtocol="OleTransactions"
              hostNameComparisonMode="StrongWildcard" listenBacklog="10"
              maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
              maxReceivedMessageSize="65536" >
                <readerQuotas maxDepth="32" maxStringContentLength="8192"
                 maxArrayLength="16384"
                 maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <reliableSession ordered="true" inactivityTimeout="00:10:00"
                 enabled="false" />
                <security mode="Message">
                   <transport clientCredentialType="Windows"
                    protectionLevel="EncryptAndSign" />
                   <message clientCredentialType="Windows" />
                </security>
             </binding>
          </netTcpBinding>
       </bindings>
       <client>
          <endpoint address="net.tcp://192.168.1.102:8080/Calculator/"
           binding="netTcpBinding" bindingConfiguration="NetTcpBinding_ICalculator"
           contract="CalculatorService.ICalculator" name="NetTcpBinding_ICalculator">
             <identity>
                <userPrincipalName value="Bill-PC\Bill" />
             </identity>
          </endpoint>
       </client>
    </system.serviceModel>

Note that the <security> element defines the client credential type as a Windows credential set and that the credentials provided in the WS-Security SOAP header need to be encrypted and signed.

From the <client> element, you have a user principal defined as the credentials provided in the request. Now when the request and response occur, you will find a WS-Security header, which is present in the SOAP header of the message.
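To see the effect of the Windows credential on the service side, the following added example (not code from the book) reads the caller's identity that WCF builds from the WS-Security header and rejects calls that arrive without an authenticated Windows user. The chapter's ICalculator contract is not shown on this page, so the single Add operation and the helper RequireWindowsCaller are assumptions made for illustration.

```vb
Imports System
Imports System.Security.Principal
Imports System.ServiceModel

' Assumed contract: stands in for the chapter's ICalculator,
' which is not reproduced on this page.
<ServiceContract()> _
Public Interface ICalculator
    <OperationContract()> _
    Function Add(ByVal a As Integer, ByVal b As Integer) As Integer
End Interface

Public Class Calculator
    Implements ICalculator

    Public Function Add(ByVal a As Integer, ByVal b As Integer) As Integer _
        Implements ICalculator.Add

        ' Fail closed before doing any work, then record who called.
        Dim caller As WindowsIdentity = RequireWindowsCaller()
        Console.WriteLine("Add called by {0} ({1})", _
            caller.Name, caller.AuthenticationType)
        Return a + b
    End Function

    ' Hypothetical helper: returns the Windows identity for the current call,
    ' or faults the call if no authenticated Windows caller is present.
    Private Shared Function RequireWindowsCaller() As WindowsIdentity
        ' Current is Nothing when the binding applies no security
        ' (for example, SecurityMode.None).
        Dim ctx As ServiceSecurityContext = ServiceSecurityContext.Current
        If ctx Is Nothing OrElse ctx.IsAnonymous Then
            Throw New FaultException("Access denied.")
        End If

        ' For non-Windows credentials WCF supplies an anonymous identity,
        ' so check IsAuthenticated rather than only testing for Nothing.
        Dim id As WindowsIdentity = ctx.WindowsIdentity
        If id Is Nothing OrElse Not id.IsAuthenticated Then
            Throw New FaultException("Access denied.")
        End If
        Return id
    End Function
End Class
```

Hosted with the Module1 code shown earlier, each call to Add writes the caller's Windows account name to the host console, which gives a simple audit trail of who used the service.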




Professional VB 2005 with .NET 3.0 (Programmer to Programmer)
ISBN: 0470124709
EAN: 2147483647
Year: 2004
Pages: 267
