Message
Security in WCF
There
are two types of security in WCF. One is the security of Data and second is the
security of medium through which message travel.
When
we talk about the security of data then it is achieved by message security and
if we talk about the security of medium through which message travel which is
protocol security can be achieved by transport level security.
In
this article I defined how to achieve message level security. There of
different type of client credential and using this client credential we achieve
message security. I am using wsHttpBinding to achieve message level security
Type of client Credential in message
security
1. None
2. Windows
3. Username
4. Certificate
5. Issued token
In
this example I am using client credential username.
Following
are the steps to implement the message security using client credential
username
Step 1:-
Create
a class and inherit usernamepasswordvalidator class in it. This class will be
found on System.IdentityModel.Selectors and override the method validate and
verify the username and password.
using System;
using
System.Collections.Generic;
using
System.Linq;
using
System.Web;
using
System.IdentityModel.Selectors;
using System.ServiceModel;
public class Credentioal:UserNamePasswordValidator
{
public override void
Validate(string userName, string password)
{
if
(userName == "isha" && password == "isha123")
{ }
else
{
throw new FaultException("Wrong
userid and pwd");
}
}
}
Step 2
