• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Secure Connection - How? (Newbie question)

A

Axel Dahmen

#1
Hi,

I'm new to .NET 2.0 and Indigo/WCF...

Using .NET 1.1 I would have provided my own style of
authentication/encryption to have external users access my web services, but
I've read WCF is now doing this for me.

Can someone please point me on a simple tutorial using database credentials
(Forms authentication)?

Moreover, I'd like to utilize my Web Service classes locally, not requiring
any authentication from there. Can this be done with the same classes
programmed to serve as a Web Service?

TIA,
Axel Dahmen
 
J

Joerg Jooss

#2
Thus wrote Axel,

> Hi,
>
> I'm new to .NET 2.0 and Indigo/WCF...
>
> Using .NET 1.1 I would have provided my own style of
> authentication/encryption to have external users access my web
> services, but I've read WCF is now doing this for me.


Only if you want to ;-)

WCF allows you to use Transport, Message, or Mixed Mode security and even
to apply both Transport and Message security simultaneously (overkill...),
based on standards such as WS-Security, WS-SecurConversation etc.

> Can someone please point me on a simple tutorial using database
> credentials (Forms authentication)?


It's rather complex, but I suggest working through http://windowssdk.msdn.microsoft.com/en-us/library/ms734736.aspx.


These use cases should give you a head start: http://windowssdk.msdn.microsoft.com/en-us/library/ms730301.aspx

> Moreover, I'd like to utilize my Web Service classes locally, not
> requiring any authentication from there. Can this be done with the
> same classes programmed to serve as a Web Service?


Absolutely. You can establish as many endpoints for a service as you require,
all of which may have a completely different security requirements. Note
that for truly local services, you'll rather want to use named pipes instead
of HTTP.

Cheers,
--
Joerg Jooss
news-reply@joergjooss.de