
I had to do a lot of reading between multiple articles to get the details I was looking for from my original post. The information that helped things to clear up a bit for me was the following:

*Each protocol (TCP, HTTP, MSMQ, NamedPipes) has its own mechanism for passing credentials and handling message protection.*

Above is from the WCFSecurityGuide (http://wcfsecurityguide.codeplex.com/releases/view/15892).

Coming from a primarily web background I have a pretty good understanding of HTTP and securing it with an SSL cert. However, this exact procedure is not required in a Windows environment for net.tcp, which uses its own method in Windows to secure the transport layer.

So when it gets down to it, here are the (2) explanations in regards to securing an HTTP binding and net.tcp in a Windows environment that I wanted to understand:

**For net.tcp:** *The service and clients are authenticated using Windows authentication, and the messages are secured at the transport level by Windows security.*

**For an HTTP binding (i.e. wsHttpBinding):** *When using HTTP bindings, the transport security is provided by SSL. The SSL certificate is used to provide the message protection.*

So I will *not* need an SSL cert for the net.tcp binding, as that is handled by Windows Security and is inherently secure when using Transport security. When using a wsHttpBinding I will still need to secure the Transport with an SSL certificate, which I had done as mentioned previously, and exposed the binding via HTTPS.

If any future readers have similar questions, the WCF guide link I posted and the link below are a good place to start:

**Common WCF Security Scenarios:**
http://msdn.microsoft.com/en-us/library/ms730301.aspx
Comments:

1. Good summary! Just to be ultra-clear, "message protection" for this configuration means an encrypted channel (the transport) is established through which the message is transmitted to the service. The message itself is **not** encrypted and doesn't need to be since the channel is secure. WCF also has message level security (which is **not** enabled in this configuration) that encrypts the message itself so it can be transmitted over unsecure channels or passed through intermediaries without compromising the contents of the message.

2. Thanks! Some info from the WCFSecurityGuide (p.127) to elaborate more about security modes and their description: **None**: No security is provided; you should not use this option. **Transport**: Mutual authentication and message protection are provided at the transport level. **Message**: Mutual authentication and message protection are provided at the message level. **Both**: Mutual authentication and message protection are provided at both the transport and message level. This is far more than is needed for most scenarios.

3. cont... **TransportWithMessageCredential**: Client authentication is provided at the message level, and message protection and service authentication are provided at the transport level. **TransportCredentialOnly**: Mutual authentication is provided at the transport level, but no message protection is provided.
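As an added illustration (not from the answer, the comments or the WCF guide), here is a constructed app.config fragment that puts the two cases from the answer side by side: a netTcpBinding in Transport mode backed by Windows authentication (no certificate in the config), and a wsHttpBinding in Transport mode exposed over HTTPS, where the certificate is bound to the port outside WCF. The service name, contract, ports, binding names and the choice of Windows client credentials on the HTTPS endpoint are assumptions.

```xml
<!-- Constructed example: service-side app.config. Names, ports and the contract
     are placeholders; only the binding/security elements reflect the discussion. -->
<configuration>
  <system.serviceModel>
    <bindings>
      <netTcpBinding>
        <!-- net.tcp: transport security is supplied by Windows (SSPI negotiation),
             so no SSL certificate appears here. EncryptAndSign is the default
             protection level; it is spelled out to show the channel is encrypted. -->
        <binding name="SecureTcp">
          <security mode="Transport">
            <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
          </security>
        </binding>
      </netTcpBinding>
      <wsHttpBinding>
        <!-- wsHttpBinding: Transport mode means SSL/TLS on the HTTPS base address.
             The certificate is bound to the port in Windows (IIS or netsh), not here.
             clientCredentialType="Windows" is an assumption; "None" allows anonymous clients. -->
        <binding name="SecureHttps">
          <security mode="Transport">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service name="Example.OrderService">
        <host>
          <baseAddresses>
            <add baseAddress="net.tcp://localhost:8081/OrderService" />
            <add baseAddress="https://localhost:8443/OrderService" />
          </baseAddresses>
        </host>
        <endpoint address="" binding="netTcpBinding" bindingConfiguration="SecureTcp"
                  contract="Example.IOrderService" />
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="SecureHttps"
                  contract="Example.IOrderService" />
        <!-- Metadata only over HTTPS; there is deliberately no plain http:// base address. -->
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpsGetEnabled="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>
```

A quick check that the two endpoints behave as the answer describes: a client with no domain credentials cannot open the net.tcp channel at all, while the HTTPS endpoint refuses plain http:// requests and presents the bound certificate during the TLS handshake.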