Transport Security
|
Message Security
|
When using transport security, the user credentials and claims
are passed by using the transport layer. In other words, user credentials are
transport-dependent, which allows fewer authentication options compared to
message security. Each transport protocol (TCP, IPC, MSMQ, or HTTP) has its
own mechanism for passing credentials and handling message protection. The
most common approach for this is to use Secure Sockets Layer (SSL) for
encrypting and signing the contents of the packets sent over Secure HTTP
(HTTPS).
|
When using message security,
the user credentials and claims are encapsulated in every message using the
WS-Security specification to secure messages. This option gives the most
flexibility from an authentication perspective. You can use any type of
security credentials you want, largely independent of transport, as long as
both the client and service agree.
|
Use
|
Use
|
Advantage
|
Advantage
|
Dis Advantage
|
Dis Advantage
|
<netTcpBinding>
<binding name="netTcpTransportBinding">
<security mode="Transport">
<Transport clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
|
<wsHttpBinding>
<binding name="wsHttpMessageBinding">
<security mode="Message">
<Message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
|
Thursday, February 02, 2017
WCF Security, When/How to Use, Advantages and Disadvantages
Subscribe to:
Post Comments (Atom)
1 comment:
Great post! I am actually getting ready to across this information, It's very helpful for this blog.Also great with all of the valuable information you have Keep up the good work you are doing well.
Hadoop Training in Chennai
Dotnet Training in Chennai
Post a Comment