چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

Improving Web Services Security

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

ناشر
Microsoft
سال انتشار
۲۰۰۸
فرمت
PDF
زبان
انگلیسی
حجم فایل
۳٫۷ مگابایت

دربارهٔ کتاب

Cover Page......Page 1 Copyrights Page......Page 2 Title......Page 3 Foreword by Nicholas Allen......Page 4 Foreword by Rockford Lhotka......Page 5 WCF / Services Security......Page 6 Why We Wrote This Guide......Page 7 Parts......Page 8 “How To” Articles......Page 9 Resources......Page 10 The Team Who Brought You This Guide......Page 11 Tell Us About Your Success......Page 12 Security Engineering......Page 13 Authentication / Authorization......Page 14 Patterns......Page 16 Auditing and Logging......Page 17 Impersonation / Delegation......Page 18 Message Validation......Page 19 The Approach......Page 21 patterns & practices Security Engineering......Page 22 Intranet......Page 23 Web Services Security Frame......Page 24 Threats and Attacks to Your Web Services......Page 25 Guidelines for Your Web Services......Page 26 Web Services Security Patterns......Page 28 Bindings in WCF......Page 30 Transport Security......Page 32 Message Security......Page 33 Message Security......Page 34 Authorization Options in WCF......Page 35 Part I - Security Fundamentals for Web Services......Page 37 The Foundations of Security......Page 38 What Is a Service?......Page 39 Service-Oriented Architecture (SOA)......Page 40 Service Orientation vs. Object Orientation......Page 41 Enterprise SOA vs. Application SOA......Page 42 How Do You Build Secure Services?......Page 43 patterns & practices Security Engineering......Page 44 Web Services Security Principles......Page 46 Web Services Security Frame......Page 47 Web Services Security Patterns......Page 50 Additional Resources......Page 53 Web Services Security Frame......Page 55 Auditing and Logging......Page 56 Authentication......Page 57 Authorization......Page 58 Exception Management......Page 59 Impersonation/Delegation......Page 60 Message Replay Detection......Page 61 Message Validation......Page 62 Sensitive Data......Page 63 Session Management......Page 64 Threats and Attacks Explained......Page 65 Security Architecture and Design Issues for Web Services......Page 68 Deployment Considerations......Page 69 Auditing and Logging......Page 71 Do Not Log Sensitive Information......Page 72 Protect and Audit Log Files......Page 73 Be Able to Disable Accounts......Page 74 Additional Resources......Page 75 Consider Authorization Granularity......Page 76 Restrict User Access to System-level Resources......Page 77 Consider Your Key Storage Location......Page 78 Catch Exceptions......Page 79 Message Protection......Page 80 Message Validation......Page 81 Additional Resources......Page 82 Encrypt Sensitive Data over the Network......Page 83 Secure the Channel to the Session Store......Page 84 Part II - WCF Security Fundamentals......Page 86 Key Security Features......Page 87 Bindings and Behaviors......Page 88 Transport Security......Page 89 Message Security......Page 90 Protection Levels......Page 91 Service Credentials Negotiation......Page 92 Transport Security Mode Authentication Options......Page 93 Message Security Mode Authentication Options......Page 94 Impersonation / Delegation......Page 95 Auditing......Page 96 Transfer Security Modes......Page 98 Authentication Options with Transport Security......Page 99 Authorization Options in WCF......Page 100 Imperative Authorization......Page 101 Resource-based Authorization Options in WCF......Page 102 The Trusted Subsystem Model......Page 103 The Impersonation / Delegation Model......Page 104 Identities in WCF......Page 105 Step 1 – Identify Resources......Page 106 Step 2 – Choose an Authorization Approach......Page 107 Transport Security......Page 108 Bindings Summary......Page 109 User Store and Credential Management......Page 110 Internet Scenarios......Page 111 Additional Resources......Page 113 Impersonation Scenarios......Page 114 Impersonate the Original Caller Temporarily......Page 115 Use Delegation to Access Network Resources......Page 116 Impersonate Using the WindowsIdentity Constructor (S4U Kerberos Extensions)......Page 117 Impersonate Using the LogonUser API......Page 118 Impersonate the Original Caller Declaratively for the Entire Service......Page 119 Impersonate the Original Caller Programmatically Within an Operation......Page 120 Controlling Impersonation on the Client Side......Page 121 Related Items......Page 122 Additional Resources......Page 123 Transport Security......Page 124 Message Security......Page 125 Transfer Security Modes......Page 126 Transport Security in WCF......Page 127 Internet Scenarios......Page 128 Protection Level......Page 129 Internet Scenarios......Page 130 WCF Built-in Bindings......Page 132 Bindings Behaviors and Endpoints......Page 134 netMsmqBinding......Page 135 Internet Binding Scenarios......Page 136 Message Encoding Binding Elements......Page 137 Transport Binding Elements......Page 138 Custom Binding Configuration Examples......Page 139 Part III - Intranet Application Scenarios......Page 140 Key Characteristics......Page 141 Solution Summary Table......Page 142 Web Server......Page 143 Application Server......Page 144 Database Server......Page 146 Web Server......Page 147 Application Server......Page 148 Domain Controller......Page 149 Web Server......Page 150 Application Server......Page 151 Additional Resources......Page 153 Key Characteristics......Page 155 Solution Summary Table......Page 156 Web Server......Page 157 Application Server......Page 159 Communication Security......Page 161 Web Server......Page 162 Database Server......Page 163 Web Server......Page 164 Application Server......Page 166 Additional Resources......Page 168 Key Characteristics......Page 169 Solution Summary Table......Page 170 Web Server......Page 171 Application Server......Page 173 Database Server......Page 174 Web Server......Page 175 Application Server......Page 176 Communication Security......Page 177 Web Server......Page 178 Application Server......Page 180 Additional Resources......Page 182 Key Characteristics......Page 184 Thick Client......Page 185 Application Server......Page 186 Database Server......Page 188 Application Server......Page 189 Communication Security......Page 190 Application Server......Page 191 Database Server......Page 192 Additional Resources......Page 193 Part IV - Internet Application Scenarios......Page 194 Key Characteristics......Page 195 Solution Summary Table......Page 196 Clients......Page 197 Application Server......Page 198 Communication Security......Page 202 Application Server......Page 203 Communication Security......Page 204 IIS......Page 205 WCF......Page 209 Additional Resources......Page 212 Key Characteristics......Page 213 Solution Summary Table......Page 214 Web Server......Page 215 Application Server......Page 218 Communication Security......Page 220 Application Server......Page 221 Communication Security......Page 222 Web Server......Page 223 Application Server......Page 226 Additional Resources......Page 227 Key Characteristics......Page 228 Thick Client......Page 229 Application Server......Page 230 Database Server......Page 234 Application Server......Page 235 Application Server......Page 236 Client......Page 239 Additional Resources......Page 240 Authentication......Page 241 Bindings......Page 242 Impersonation/Delegation......Page 243 Message Security......Page 244 Sensitive Data......Page 245 Deployment Considerations......Page 246 Index......Page 247 Design Considerations......Page 250 If You Are Migrating from DCOM, Consider Using netTcpBinding......Page 251 If You Require Interoperability with Non-Microsoft Clients, Use Bindings That Are Targeted for Interoperability......Page 252 Know Your Authentication Options......Page 253 Know Your Authorization Options......Page 254 Know Your Binding Options......Page 255 Choose the Right Binding for Your Scenario......Page 256 Auditing and Logging......Page 257 Use WCF Auditing to Audit Your Service......Page 258 Use Message Logging for Debugging Purposes......Page 259 Instrument for User Management Events......Page 260 Do Not Log Sensitive Information......Page 261 Protect Information in Log Files......Page 262 Authentication......Page 263 Know Your Authentication Options......Page 264 Use Windows Authentication When You Can......Page 265 If You Are Using Username Authentication, use a Membership Provider Instead of Custom Authentication......Page 266 If Your Users Are in a SQL Server Membership Store, Use the SQL Server Membership Provider......Page 267 If Your Users Are in a Custom Store, Consider Using Username Authentication with a Custom Validator......Page 268 If Your Partner Applications Need to Be Authenticated When Calling WCF Services, Use Client Certificate Authentication......Page 269 If You Are Using Username Authentication, Validate User Login Information......Page 270 Protect Access to Your Credential Store......Page 271 If You Store Role Information in Windows Groups, Consider Using the WCF PrincipalPermissionAttribute Class for Role Authorization......Page 272 If You Use Windows Groups for Authorization, Use the ASP.NET Role Provider with AspNetWindowsTokenRoleProvider......Page 273 If You Store Role Information in SQL Server, Consider Using the SQL Server Role Provider for Role Authorization......Page 275 If You Store Role Information in a Custom Store, Create a Custom Authorization Policy......Page 276 If You Need to Perform Fine-Grained Authorization Based on Business Logic, Use Imperative Authorization......Page 277 Bindings......Page 278 If You Need to Expose Your WCF Service to Legacy Clients as an ASMX Web Service, Use basicHttpBinding......Page 279 If You Need to Support WCF Clients Within an Intranet, Consider Using netTcpBinding......Page 280 If You Need to Support WCF Clients on the Same Machine, Consider Using netNamedPipeBinding......Page 281 If You Need to Support Disconnected Queued Calls, Use netMsmqBinding......Page 282 If You Need to Support Bidirectional Communication Between a WCF Client and WCF Service, Use wsDualHttpBinding or netTcpBinding......Page 283 Use Replay Detection to Protect Against Message Replay Attacks......Page 284 If You Host Your Service in a Windows Service, Expose a Metadata Exchange (mex) Binding......Page 285 Encrypt Configuration Sections That Contain Sensitive Data......Page 286 Use Structured Exception Handling......Page 287 Do Not Divulge Exception Details to Clients in Production......Page 288 Use a Fault Contract to Return Error Information to Clients......Page 289 Run Your Service in a Least-Privileged Account......Page 290 Use IIS to Host Your Service Unless You Need to Use a Transport That IIS Does Not Support......Page 291 Know the Tradeoffs Involved in Impersonation......Page 292 Impersonate Using the LogonUser API......Page 293 Impersonate the Original Caller Declaratively on the Entire Service......Page 294 Consider Using Programmatic Instead of Declarative Impersonation......Page 295 When Impersonating Declaratively, Only Impersonate on the Operations That Require It......Page 296 Consider Using the S4U Feature for Impersonation and Delegation When You Cannot Do a Windows Mapping......Page 297 Consider Using the LogonUser API if Your WCF Service Cannot Be Trusted for Delegation......Page 298 Use Constrained Delegation if You Have to Flow the Original Caller to the Back-end Services......Page 299 If You Need to Validate Parameters, Use Parameter Inspectors......Page 300 Use Schemas with Message Inspectors to Validate Messages......Page 301 Use Regular Expressions in Schemas to Validate Format, Range, or Length......Page 302 Implement the AfterReceiveRequest Method to Validate Inbound Messages on the Service......Page 303 Implement the AfterReceiveReply Method to Validate Inbound Messages on the Client......Page 304 Validate Operation Parameters for Length, Range, Format, and Type......Page 305 Avoid User-supplied File Name and Path Input......Page 306 Do Not Echo Untrusted Input......Page 307 If You Need to Support Clients in an Intranet, Use Transport Security......Page 312 Proxy Considerations......Page 313 If You Need to Publish Your WCF Service Metadata, Publish It Using Secure Binding......Page 314 Sensitive Data......Page 315 Do Not Cache Sensitive Data......Page 316 Be Aware That basicHttpBinding Will Not Protect Sensitive Data by Default......Page 317 Do Not Use Temporary Certificates in Production......Page 318 Use IIS to Host Your WCF Service Wherever Possible......Page 319 Protect Sensitive Data in Your Configuration Files......Page 320 Index......Page 322 How to Audit Security Events......Page 325 How to Enable WCF Message Logging......Page 326 How to Enable WCF Tracing......Page 328 How to Use Health Monitoring in WCF......Page 329 How to Filter Sensitive Data from Your Logs......Page 331 How to View Trace Information......Page 332 How to Turn Off Audit Failure Suppression......Page 333 How to Authenticate Users Against the SQL Server Membership Provider......Page 334 How to Authenticate Users against Active Directory......Page 336 How to Authenticate Users with Certificates......Page 337 How to Map Certificates with Windows Accounts......Page 338 How to Authenticate Users Against a Custom User Store......Page 339 How to Authorize Declaratively......Page 340 How to Authorize Imperatively if You Use a Role Provider......Page 341 How to Perform Resource-based Authorization......Page 342 How to Perform Role-based Authorization......Page 343 How to Authorize Users Against Windows Groups Using AspNetWindowsTokenRoleProvider......Page 345 How to Authorize Users Against the SQL Server Role Provider......Page 346 How to Authorize Users Against the ASP.NET Role Provider......Page 348 How to Assign the Current Principal with IAuthorizationPolicy to Allow Authorization Using Custom Authentication......Page 350 How to Authorize Users Against ADAM Using the Authorization Manager Role Provider......Page 352 How to Map Roles to Certificates......Page 354 How to Encrypt Sensitive Data in Your Configuration Files......Page 355 How to Create a Service Account for Your WCF Service......Page 356 How to Protect Against Message Replay Attacks......Page 357 How to Configure Certificates to Enable SSL in IIS......Page 358 How to Map Windows Accounts with Certificates......Page 359 How to Create a Service Principle Name (SPN)......Page 360 How to Create an X.509 Certificate......Page 361 How to Shield Exception Information with Fault Contracts......Page 362 How to Avoid Faulting the Channels with Fault Contracts......Page 363 How to Create an Error Handler to Log Details of Faults for Auditing Purposes......Page 364 How to Handle Unhandled Exceptions In Downstream Services......Page 365 How to Throw an Exception with Complex Types or Data Contracts with a Fault Exception......Page 366 How to Implement a Data Contract to Propagate Exception Details for Debugging Purposes......Page 367 How to Host WCF in IIS......Page 369 How to Host WCF in a Windows Service......Page 370 How to Self-host WCF......Page 371 How to Configure a Least-privileged Account to Host Your Service......Page 372 How to Choose Between a Trusted Subsystem and Impersonation/Delegation......Page 373 How to Impersonate the Original Caller when Using Windows Authentication......Page 374 How to Impersonate Programmatically in WCF......Page 375 How to Impersonate Declaratively In WCF......Page 376 How to Impersonate the Original Caller Without Windows Authentication......Page 377 How to Impersonate the Original Caller Using S4U Kerberos Extensions......Page 378 How to Impersonate and Delegate Using the LogonUser Windows API......Page 379 How to Control Access to a Remote Resource Based on the Original Caller’s Identity......Page 381 How to Protect Your Service from Malicious Messages......Page 382 How to Protect Your Service from Denial Of Service Attacks......Page 383 How to Validate Parameters with Parameter Inspectors......Page 384 How to Validate Messages with Message Inspectors Using Schemas......Page 385 How to Validate Data Contracts with Message Inspectors Using Schemas......Page 386 How to Validate Message Contracts with Message Inspectors Using Schemas......Page 387 How to Use Regular Expressions to Validate Format, Range, and Length in Schemas......Page 388 How to Validate Outbound Messages on a Service......Page 390 How to Validate Input Parameters......Page 391 How to Use Message Security......Page 392 How to Use Out-of-band Credentials with Message Security......Page 393 How to Publish Service Metadata for Your Clients......Page 394 How to Create a Proxy for an IIS-hosted Service with Certificate Authentication and Transport Security......Page 396 How to Encrypt Sensitive Data in Configuration Files......Page 397 How to Protect Sensitive Data in Memory......Page 398 How to Use Transport Security......Page 399 How to Create a Temporary X.509 Certificate for Transport Security......Page 400 How to Create a Temporary X.509 Certificate for Message Security......Page 401 How to Create a Temporary X.509 Certificate for Certificate Authentication......Page 402 Index......Page 403 How do I decide on an authentication strategy?......Page 406 How do I decide on an authorization strategy?......Page 408 How do I use my existing Active Directory infrastructure?......Page 409 When should I impersonate the original caller?......Page 410 How do I migrate to WCF from an ASMX Web service?......Page 411 How do I migrate to WCF from a COM application?......Page 412 How do I migrate to WCF from a WSE application?......Page 413 How do I enable logging and auditing in WCF?......Page 414 How do I stop my service if there has been an auditing failure?......Page 416 How do I log important business events in WCF?......Page 417 How do I implement log throttling in WCF?......Page 418 How do I use health monitoring feature with WCF?......Page 419 How to I pass user identity information in a message for auditing purpose?......Page 420 Authentication......Page 422 How do I decide on an authentication strategy in WCF?......Page 423 How do I authenticate against a SQL store?......Page 424 How do I authenticate against a custom store?......Page 426 How do I use certificate authentication with X.509 certificates?......Page 427 What is federated security?......Page 428 Authorization......Page 429 What’s the difference between resource-based, roles-based, and claims-based authorization?......Page 430 How do I use the SQL Server role provider for ASP.NET role authorization in WCF?......Page 431 How do I use the Authorization Store role provider for ASPNET role authorization in WCF?......Page 433 What is the difference between declarative and imperative roles authorization?......Page 434 How do I restrict access to WCF operations to specific Windows users?......Page 435 How do I create a service principal name (SPN)?......Page 436 What bindings are available?......Page 437 Which bindings are best suited for the Intranet?......Page 439 How do I choose an appropriate binding?......Page 440 How do I encrypt sensitive data in the WCF configuration file?......Page 441 When should I use a configuration file versus the WCF object model?......Page 442 What are the additional considerations for using WCF in a Web farm?......Page 443 How do I create an X.509 certificate?......Page 444 How do I configure a least-privileged account for my service?......Page 445 How do I implement a global exception handler?......Page 446 How do I define a fault contract?......Page 447 How do I avoid sending exception details to the client?......Page 448 When should I host my service in IIS?......Page 449 Impersonation/Delegation......Page 450 What is the difference between impersonation and delegation?......Page 451 How do I temporarily impersonate the original caller in an operation call?......Page 452 What is constrained delegation?......Page 453 How do I flow the original caller from the ASP.NET client to a WCF service?......Page 454 What is the difference between declarative and programmatic impersonation?......Page 455 When should I flow the original caller to back-end code?......Page 456 How do I implement input and data validation in WCF?......Page 457 What is parameter validation?......Page 458 How do I protect my service from malicious input attacks?......Page 459 When should I use message security?......Page 460 How do I protect my message when there are intermediaries routing my message?......Page 461 How do I avoid proxy spoofing?......Page 462 How do I protect sensitive data in configuration files?......Page 463 How do I protect sensitive data in memory?......Page 464 How do I protect sensitive data from being tampered with on the wire?......Page 465 Do I need to create a certificate signed by the root CA certificate?......Page 466 How do I use X.509 certificate revocation?......Page 467 Overview......Page 468 Step 2 – Enable Auditing for Your WCF Service......Page 469 Step 3 – Enable Logging and Tracing for Your WCF Service......Page 470 Step 6 – Test the Client and WCF Service......Page 472 Step 7 – Verify the Service Events in the Event Log......Page 473 Additional Resources......Page 474 Objectives......Page 475 Overview......Page 476 Step 1 – Create a Certificate to Act as Your Root Certificate Authority......Page 477 Step 3 – Install Your Root Certificate Authority Certificate on the Server and Client Machines......Page 478 Step 4 – Install the Certificate Revocation List File on the Server and Client Machines......Page 479 Step 5 – Create and Install Your Temporary Service Certificate......Page 480 Step 6 – Give the WCF Process Identity Access to the Temporary Certificate’s Private Key......Page 482 Additional Resources......Page 483 Overview......Page 485 Step 1 – Create a Certificate to Act as Your Root Certificate Authority......Page 486 Step 2 – Install Your Root Certificate Authority on the Server and Client Machines......Page 487 Step 3 – Create and Install Your Temporary Service Certificate......Page 488 Additional Resources......Page 489 Overview......Page 491 Summary of Steps......Page 492 Step 1 – Create a Certificate to Act as Your Client Root Certificate Authority......Page 493 Step 3 – Install Your Client Root Certificate Authority on the Client and Server Machines......Page 494 Step 4 – Install the Certificate Revocation List File on the Server and Client Machines......Page 495 Step 5 – Create and Install Your Temporary Client Certificate......Page 496 Additional Resources......Page 497 Overview......Page 499 Step 1 – Create a WCF service......Page 500 Step 2 – Configure the WCF Endpoints to Use TCP and Set the Base Address......Page 501 Step 5 – Modify the Windows Service to Host the WCF Service......Page 502 Step 6 – Install the Windows Service......Page 504 Step 9 – Test the Client and WCF Service......Page 505 Additional Resources......Page 506 Overview......Page 507 Before You Begin......Page 508 Step 3 – Configure the SPN Identity for the WCF Service Endpoint......Page 509 Step 4 – Implement Impersonation in the WCF Service......Page 510 Step 6 – Add a WCF Service reference to the client......Page 511 Step 8 – Configure the Web Application for Constrained Delegation......Page 512 Step 9 – Test the Client and WCF Service......Page 513 Additional Information......Page 514 Additional Resources......Page 515 Overview......Page 517 Step 1 – Create a Sample WCF Service......Page 518 Step 4 – Create a Test Client Application......Page 519 Additional Information......Page 520 Additional Resources......Page 522 Overview......Page 523 Step 1 – Create a Sample WCF Service......Page 524 Step 3 – Create a Class That Implements the Validation Logic......Page 525 Step 4 – Create a Class That Implements a Custom Endpoint Behavior......Page 527 Step 5 – Create a Class That Implements a Custom Configuration Element......Page 529 Step 6 – Add the Custom Behavior to the Configuration File......Page 530 Step 8 – Configure the Service Endpoint to Use the Endpoint Behavior......Page 531 Additional Resources......Page 532 Objectives......Page 534 Step 1 – Create a Sample WCF Service......Page 535 Step 3 – Create the Schema to Validate the Message......Page 537 Step 5 – Create a Class That Implements the Schema Validation Logic......Page 540 Step 6 – Create a Class That Implements a Custom Endpoint Behavior......Page 543 Step 7 – Create a Class That Implements a Custom Configuration Element......Page 544 Step 8 – Add the Custom Behavior to the Configuration File......Page 545 Step 9 – Create an Endpoint Behavior and Map It to Use the Custom Behavior......Page 546 Step 11 - Test the Schema Validator......Page 547 Additional Resources......Page 548 Overview......Page 550 Step 2 – Configure the WCF Service to Use basicHttpBinding......Page 551 Step 3 – Configure basicHttpBinding to use Windows Authentication with TransportCredentialOnly......Page 552 Step 5 – Create a Windows Forms Test Client Application......Page 553 Additional Resources......Page 554 Overview......Page 556 Step 1 – Create a Sample WCF Service......Page 557 Step 2 – Configure wsHttpBinding with Certificate Authentication and Message Security......Page 558 Step 4 – Configure the Service Certificate for the WCF Service......Page 559 Step 6 – Add a WCF Service Reference to the Client......Page 560 Step 8 – Configure the Client Certificate in the WCF Client Application......Page 561 Step 9 – Test the Client and WCF Service......Page 562 Additional Resources......Page 563 Objectives......Page 564 Overview......Page 565 Step 3 – Create a Sample WCF Service......Page 566 Step 4 – Configure wsHttpBinding with Certificate Authentication and Transport Security......Page 567 Step 5 – Configure the mex Endpoint to Use wsHttpbinding with Certificate Authentication Configuration......Page 568 Step 7 – Create a Test Client......Page 569 Step 8 – Create a Svcutil Configuration File in the Client Machine......Page 570 Step 9 – Create a Proxy with the svcutil.exe Tool......Page 571 Additional Resources......Page 572 Overview......Page 573 Step 1 – Create a Sample WCF Service......Page 574 Step 3 – Identify and Configure the Remote Service to Be Accessed......Page 575 Step 4 – Configure the WCF Service Identity Trusted for Constrained Delegation......Page 576 Step 6 – Create a Test Client Application......Page 578 Additional Resources......Page 579 Overview......Page 580 Step 1 – Create a Custom Web Event......Page 581 Step 2 – Create a WCF Service for Monitoring......Page 582 Step 4 – Instrument Your WCF Service......Page 583 Step 7 – Test the Client and WCF Service......Page 584 Additional Resources......Page 585 Overview......Page 587 Step 2 – Create a Sample WCF Service......Page 589 Step 3 – Modify the Windows Service to Host the WCF Service......Page 590 Step 4 – Configure the WCF Service to Use netTcpBinding with Message Security......Page 591 Step 5 – Configure the WCF Service to Publish Metadata......Page 592 Step 8 – Test the Client and WCF Service......Page 594 Additional Resources......Page 595 Overview......Page 596 Summary of Steps......Page 597 Step 2 – Create a Sample WCF Service......Page 598 Step 3 – Modify the Windows Service to Host the WCF Service......Page 599 Step 4 – Configure the WCF Service to Use netTcpBinding with Transport Security......Page 600 Step 5 – Configure the WCF Service to Publish Metadata......Page 601 Step 7 – Create a Test Client Application......Page 602 Additional Resources......Page 603 Objectives......Page 605 Summary of Steps......Page 606 Step 2 – Configure wsHttpBinding with Certificate Authentication and Message Security......Page 607 Step 3 – Create and Install a Service Certificate......Page 608 Step 5 – Impersonate the Original Caller in the WCF Service......Page 609 Step 6 – Configure the WCF Service Identity for Protocol Transition and Constrained Delegation......Page 611 Step 7 – Create a Test Client......Page 612 Step 10 – Configure the Client Certificate in the WCF Client Application......Page 613 Step 11 – Test the Client and WCF Service......Page 614 Additional Resources......Page 615 Objectives......Page 616 Step 1 – Create a WCF Service with Username Authentication Using the SQL Server Membership Provider......Page 617 Step 2 – Create a Role Store for the SQL Server Role Provider......Page 618 Step 4 – Enable and Configure the Role Provider......Page 619 Step 5 – Create Roles and Assign Users......Page 620 Step 8 – Add a WCF Service Reference to the Client......Page 621 Step 9 – Configure the Client to Set RevocationMode to NoCheck......Page 622 Step 10 – Test the Client and WCF Service......Page 623 Additional Resources......Page 624 Overview......Page 625 Step 1 – Create a WCF Service with Windows Authentication......Page 626 Step 3 – Grant Access Permission to the WCF Service Process Identity......Page 627 Step 4 – Enable and Configure the Role Provider......Page 628 Step 6 – Implement Declarative Role-based Security......Page 630 Step 9 – Test the Client and WCF Service......Page 631 Additional Resources......Page 632 Objectives......Page 633 Step 1 – Create a User Store for SQL Membership Provider......Page 634 Step 2 – Grant Access Permission to the WCF Service Process Identity......Page 635 Step 4 – Configure wsHttpBinding with Username Authentication and Message Security......Page 636 Step 5 – Configure Membership Provider for Username Authentication......Page 637 Step 7 – Configure the Service Certificate for WCF......Page 639 Step 11 – Test the Client and WCF Service......Page 640 Additional Resources......Page 641 Contents......Page 642 Summary of Steps......Page 643 Step 2 – Grant Access Permission to the WCF Service Process......Page 644 Step 3 – Create a Sample WCF Service......Page 645 Step 4 – Configure basicHttpBinding with Transport Security and an Authentication Type of “None”......Page 646 Step 6 – Configure the SQL Server Membership Provider in the Web Configuration File......Page 647 Step 7 – Configure the SQL Server Role Provider and Enable It in WCF......Page 648 Step 8 – Create the User and Assig

قیمت نهایی

۴۴٬۰۰۰ تومان