Vista - WCF Security Question

04-19-2008

i have a WCF service(hosted in IIS) with the following configuration:
basichttpbinding
MTOM
Streaming(for file upload and download)
now i want to implement a security system where i receive username/password
only once. after which i want to issue a custom generated token which should
be used for all subsequent calls to service. i also want to control the
expiration and renewal of the issued token. what should be my approach in
order to acheive this?
please advice, if possible with some code sample.

04-24-2008

Hi Sarasam,
You need to use Federation binding and implement an STS that will
issue the token. You can then use an authorization policy and/or
authorization manager with your specific service, and with the service
you can define MTOM for encoding.

Priya
On Apr 20, 2:28*am, Sarasam <Sara...@xxxxxx> wrote:

Quote:

> i have a WCF service(hosted in IIS) with the following configuration:
> basichttpbinding
> MTOM
> Streaming(for file upload and download)
> now i want to implement a security system where i receive username/password
> only once. after which i want to issue a custom generated token which should
> be used for all subsequent calls to service. i also want to control the
> expiration and renewal of the issued token. what should be my approach in
> order to acheive this?
> please advice, if possible with some code sample.

04-19-2008	#1 (permalink)
Sarasam n/a posts	WCF Security Question i have a WCF service(hosted in IIS) with the following configuration: basichttpbinding MTOM Streaming(for file upload and download) now i want to implement a security system where i receive username/password only once. after which i want to issue a custom generated token which should be used for all subsequent calls to service. i also want to control the expiration and renewal of the issued token. what should be my approach in order to acheive this? please advice, if possible with some code sample.
My System Specs

04-24-2008	#2 (permalink)
Priya n/a posts	Re: WCF Security Question Hi Sarasam, You need to use Federation binding and implement an STS that will issue the token. You can then use an authorization policy and/or authorization manager with your specific service, and with the service you can define MTOM for encoding. Priya On Apr 20, 2:28*am, Sarasam <Sara...@xxxxxx> wrote: Quote: > i have a WCF service(hosted in IIS) with the following configuration: > basichttpbinding > MTOM > Streaming(for file upload and download) > now i want to implement a security system where i receive username/password > only once. after which i want to issue a custom generated token which should > be used for all subsequent calls to service. i also want to control the > expiration and renewal of the issued token. what should be my approach in > order to acheive this? > please advice, if possible with some code sample.
My System Specs

Similar Threads
Thread	Forum
WMI Security question...	VB Script
Security Log Question?	System Security
Security Question	Vista security
File Security Question	Vista security
File security question	Vista security