Security and WCF Streams

Target Audience
Expected Duration
Lesson Objectives
Course Number
Expertise Level

WCF, similar to any Web Service, must be secured. In this course, you will learn about WCF Security, transport security, and message security. Additionally, you will be introduced to client authentication and authorization.

Target Audience
Software developers or security personnel who need to secure or maintain security of WCF services


Expected Duration (hours)

Lesson Objectives

Security and WCF Streams

  • start the course
  • use WCF Stream operations to handle both requests and provide responses
  • work with the WCF Duplex messaging pattern to create a Duplex service
  • create a service using Asynchronous service operations
  • describe the aspects of building secure applications
  • describe the aspects of security that the WCF Framework provides and those that must still be addressed in development
  • describe how to use a secured channel to convey data securely between a client and a service
  • configure a service and client to securely transport data, including configuring IIS to use HTTPS
  • work with transport security to consume a secure WCF service
  • describe the benefits and limitations of using WCF message security
  • configure the bindings for a service to support message security
  • configure a client to consume a service secured with message security
  • use message credentials and transport security to secure communications
  • describe how to authenticate clients and use role-based authorization
  • authenticate clients using a username and password
  • create a custom username and password validator
  • use role-based permissions to grant and deny access
  • use transport and message security to protect communications and use client authentication and authorization to provide access to services
  • Course Number:

    Expertise Level