StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>You can configure a WCF endpoint to use <strong>2-way SSL authentication</strong>. That means that you can require clients to present an X.509 certificate that confirms their identity whenever they make a request to the service.<br /><br/> On the server side of things, you can use one of the built-in validation schemes in WCF or provide your own validation logic to check the X.509 certificate.<br/> If you were hosting your service in IIS, it would be trivial to configure SSL to require client certificates at the <strong>transport-level</strong>. However, you can find a good guide on how to implement this behaviour in a self-hosted WCF service here:</p> <p><a href="http://leastprivilege.com/2007/08/25/certificate-based-authentication-and-wcf-message-security/" rel="nofollow noreferrer">http://leastprivilege.com/2007/08/25/certificate-based-authentication-and-wcf-message-security/</a></p> <p>I haven't tried this myself but, since this creates a security requirement at the <strong>message-level</strong>, I think you will have to use <strong>wsHttpBinding</strong> to enforce it in your WSDL contract, since imposing security requirements to access a web service is part of the WS-* standards.</p> <p>If you have to use <strong>basicHttpBinding</strong>, you can try this solution instead that moves things up at the transport-level:</p> <p><a href="http://leastprivilege.com/2007/08/26/certificate-based-authentication-and-wcf-mode-independent/" rel="nofollow noreferrer">http://leastprivilege.com/2007/08/26/certificate-based-authentication-and-wcf-mode-independent/</a></p> <p>Hope this helps</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload