All geek questions in one place

What type of security is needed for WCF?

Here is my scenario, I have a WCF service hosted on an internal server behind a firewall.

A client is a web application that resides on a web server in the DMZ. A firewall is open on the port between the two nodes, so the connection can be made from the client to the server.

What type of binding do I need to use for security here. Do you know an example program or tutorial?

When I look for this, all I find is where the service is used by clients over the Internet and uses Windows authentication or a username and password request.

I just need our application on the web server to talk to the web service. Any recommendations are appreciated. Thank!

In addition, my web service works as a console application.

+3
source share
2 answers

If you control both ends of the solution (web server (client) in the DMZ and console application (server)), then why not go with NetTcpBinding ?

  • This is a .NET binding, so you are not going to interact (but since you control both ends of the connection, this sounds like no problem).
  • This performance is faster than WSHttpBinding and results in smaller messages.

It doesn't seem like you need the credentials passed along with the message (other than the user ID or any identifier sent in the message), so you can use this binding using TcpClientCredentialType.None.

WCF. NetTcpBinding 1/3 .

, .

+1

, , . 3 obvoius :

  • . , ws-httpbinding . Nettcp .
  • WCF . MEX, , .
  • -. . , , .

, , .

0

Source: https://habr.com/ru/post/1761546/

More articles:


All Articles