O'Reilly logo

Programming WCF Services, 2nd Edition by Juval Lowy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Declarative Security Framework

WCF security is truly a vast topic. The number of details to master is daunting, and intricate relationships exist between the various aspects. The programming model is very complex, and at first you're likely to have an inescapable feeling of navigating a maze. To make things even worse, getting it wrong has severe implications both at the application and the business level. To simplify things, I came up with a declarative security framework for WCF. For the service, I have provided a security attribute (with matching support for the host), and for the client I have provided a few helper classes and secure proxy classes. My declarative framework grossly simplifies WCF security configuration, placing it on a par with other aspects of WCF configuration such as transactions and synchronization. My goal was to provide a declarative model that would be simple to use and would minimize the need to understand the many details of security. As a developer, all you need to do is select the correct scenario (out of the five common scenarios discussed in this chapter), and my framework will automate the configuration. Not only that, but my framework mandates the correct options and enforces my recommendations. At the same time, my model maintains granularity and allows developers to control the underlying configuration if the need arises.

The SecurityBehaviorAttribute

Example 10-19 lists the definition of the SecurityBehaviorAttribute and the ServiceSecurity enum. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required