In this chapter, you have seen how to use the features of WCF bindings to control the degree of protection afforded to a WCF service. You have seen how to configure encryption for messages flowing between a client application and a service, at the message level and at the transport level. You have learned how to specify the authentication mode for a binding and how to pass Windows credentials from a client application to a WCF service. You have also learned how to authorize access to operations for authenticated users and how to provide access to resources based on a user’s authenticated identity by using impersonation.