![Service Contracts
[ServiceContract] – Defines a ‘set’ of operations
[OperationContract] – Defines a single method
Slide 14
[ServiceContract]
public interface IService
{
[OperationContract]
string GetData(int value);
}
public class ConcreteService : IService
{
public string GetData(int value)
{ ... }
public string OtherMethod()
{ ... }
}](https://image.slidesharecdn.com/109605cc-9a27-40d1-bc55-53acb1838feb-150310002350-conversion-gate01/85/Lunch-Learn-WCF-Security-15-320.jpg)
![Data Contracts
[DataContract] – Specifies type as a data contract
[DataMember] – Members that are part of contract
Slide 15
[DataContract]
public class CustomType
{
[DataMember]
public bool MyFlag { get; set; }
[DataMember]
public string MyString { get; set; }
}](https://image.slidesharecdn.com/109605cc-9a27-40d1-bc55-53acb1838feb-150310002350-conversion-gate01/85/Lunch-Learn-WCF-Security-16-320.jpg)
![Role-Based Authorization
Using the PrincipalPermission Object
Is the user authenticated?
Is the user in a particular role?
Is a particular user calling?
[PrincipalPermission (SecurityAction.Demand, Role = "Administrators")]
public string AdminsOnly() {
// protected code
}
public string AdminsOnly() {
// unprotected code
PrincipalPermission p = new PrincipalPermission(null, "Administrators");
p.Demand();
// protected code
}
29](https://image.slidesharecdn.com/109605cc-9a27-40d1-bc55-53acb1838feb-150310002350-conversion-gate01/85/Lunch-Learn-WCF-Security-30-320.jpg)
![Claims-Based Identity Model
ServiceSecurityContext security = OperationContext.Current.ServiceSecurityContext;
string user = security.PrimaryIdentity.Name;
string email = null;
IEnumerable<Claim> claims = security.AuthorizationContext.ClaimSets[0].FindClaims(
ClaimTypes.Email,Rights.PossessProperty);
foreach (Claim c in claims) {
email = c.Resource as string;
}
if (string.IsNullOrEmpty(user) || email == null) throw new SecurityException(
"Unauthorized access. Email claim not found.");
31](https://image.slidesharecdn.com/109605cc-9a27-40d1-bc55-53acb1838feb-150310002350-conversion-gate01/85/Lunch-Learn-WCF-Security-32-320.jpg)
![Impersonation
When Windows credentials are used, the service can be configured to
impersonate callers so that the request thread operates under the
impersonated Windows token.
[OperationBehavior(Impersonation = ImpersonationOption.Allowed)]
public string DoSomething() { ... }
ImpersonationOption.NotAllowed. The caller will not be impersonated.
ImpersonationOption.Allowed. The caller will be impersonated if a Windows
credential is provided.
ImpersonationOption.Required. The caller will be impersonated and a Windows
credential must be provided to support this.
33](https://image.slidesharecdn.com/109605cc-9a27-40d1-bc55-53acb1838feb-150310002350-conversion-gate01/85/Lunch-Learn-WCF-Security-34-320.jpg)
Lunch Learn - WCF Security
- 1. By Paul Senatillaka WCF Security
- 2. Agenda Introduction to WCF - What is it? Why use it? - Fundamentals and the ABCs of WCF WCF Security Overview - Bindings
- 4. What is WCF? Stands for Windows Communication Foundation One of the 4 pillars of .NET 3.0 Microsoft’s unified programming model (the service model) for building Service-Oriented Applications
- 5. Windows Communication Foundation WCF provides: - an SDK for creating SOA - a runtime for running Services on Windows Services send and receive messages All messages are SOAP messages WCF takes care of all the plumbing Slide 4
- 6. Why use WCF? Interoperable and Standards based - Supports WS-* protocols Unified Programming Model - Unifies previous models like .NET Remoting, ASMX web services, COM+ etc Productive Programming Model - Declarative - Imperative - Configuration based Slide 5
- 7. WCF: How does it work? SOAP (Simple Object Access Protocol) - is a protocol specification for exchanging structured information in the implementation of Web Services XML
- 9. WCF Endpoints Every service has Address - Where the service is Binding - How to talk to the service Contract - What the service can do Slide 8
- 10. The EndPoint Anology Slide 9 Address Binding Contract
- 11. Address Combination of transport, server name, port & path Transport is determined by the binding Examples http://localhost:8001 https://localhost:8001 net.tcp://localhost:8002/MyService net.msmq://localhost/MyService Slide 10
- 12. Bindings Transport - HTTP/S - TCP - MSMQ Message formats and encoding - Plain text - Binary - Message Transmission Optimization Mechanism (MTOM) Communication security - No security - Transport security - Message security - Authenticating and authorizing callers Slide 11
- 13. Out of the box Bindings BasicHttpBinding WSHttpBinding WS2007HttpBinding WSDualHttpBinding WSFederationHttp Binding WS2007FederationHttpBinding NetTcpBinding NetNamedPipeBinding NetMsmqBinding NetPeerTcpBinding WebHttpBinding MsmqIntegrationBinding Slide 12
- 14. Contracts Service contracts - Defines operations, communications and behaviors. Data contracts - Defines data entities and parameter types. Fault contracts - Defines error types Message contracts - Defines message formats Slide 13
- 15. Service Contracts [ServiceContract] – Defines a ‘set’ of operations [OperationContract] – Defines a single method Slide 14 [ServiceContract] public interface IService { [OperationContract] string GetData(int value); } public class ConcreteService : IService { public string GetData(int value) { ... } public string OtherMethod() { ... } }
- 16. Data Contracts [DataContract] – Specifies type as a data contract [DataMember] – Members that are part of contract Slide 15 [DataContract] public class CustomType { [DataMember] public bool MyFlag { get; set; } [DataMember] public string MyString { get; set; } }
- 17. Hosting IIS - HTTP only - Process recycling, failover protection, common config WAS (Windows Activation Service) - Can use any transport - Vista and Windows Server 2008 only Self hosting - Can use any transport - Can be hosted within Console, WinForms, etc Applications Windows Service - Can use any transport Slide 16
- 18. WCF Security Overview Slide 17
- 19. WCF Security WCF Security Provides: Authentication – Identifying the message sender Integrity – Signed msgs to ensure not altered Confidentiality – Encryption Authorization – Determines functionality entitled to execute Your binding selection will influence the available configuration options for the service security policy. 18
- 20. WCF Security Programming WCF security is based on three steps setting the following: - the security mode - a client credential type - the credential values. 19
- 21. WCF Binding Comparison 20 Binding Security Default Transport Protocol Encoding Default Host basicHttpBinding None, Transport, Message, Mixed HTTP Text/XML, MTOM IIS, WAS wsHttpBinding Message, Transport, Mixed HTTP Text/XML, MTOM IIS, WAS netTcpBinding Transport, Message, Mixed TCP Binary WAS netNamedPipeBin ding Transport, None Named Pipe Binary WAS netMsmqBinding Message, Transport, None TCP Binary WAS netPeerTcpBinding Transport P2P Binary -
- 22. WCF Binding Comparison Binding Interoperability Security (Default) Session (Default) Encoding (Default) Streaming (Default) BasicHttpBinding Basic Profile 1.1 (None), Transport, Message, Mixed (None) Text, (MTOM) Yes (buffered) WSHttpBinding WS Transport, (Message), Mixed (None), Reliable Session, Security Session (Text), MTOM No WSDualHttpBinding WS (Message), None (Reliable Session), Security Session (Text), MTOM No WSFederationHttpBinding WS-Federation (Message), Mixed, None (None), Reliable Session, Security Session (Text), MTOM No NetTcpBinding .NET (Transport), Message, None, Mixed (Transport), Reliable Session, Security Session Binary Yes (buffered) NetNamedPipeBinding .NET (Transport), None None, (Transport) Binary Yes (buffered) NetMsmqBinding .NET Message, (Transport), None (None), Transport Binary No NetPeerTcpBinding Peer (Transport) (None) No MsmqIntegrationBinding MSMQ (Transport) (None) n/a No BasicHttpContextBinding Basic Profile 1.1 (None), Transport, (None) Text, (MTOM) Yes (buffered) 21
- 23. Setting the Binding 1. Select one of the predefined bindings appropriate to your application requirements. By default, nearly every binding has security enabled. The binding you select determines the transport. For example, WSHttpBinding uses HTTP as the transport; NetTcpBinding uses TCP. <system.serviceModel> <services> <service name=“LunchLearn.TestService" > <endpoint contract="LunchLearn.ITestService“ binding="wsHttpBinding"/> </service> </services> </system.serviceModel> 22
- 24. Setting the Security Mode 2. Select one of the security modes for the binding. Note that the binding you select determines the available mode choices You have three choices: Transport Message TransportWithMessageCredential <wsHttpBinding> <binding name="wsHttp"> <security mode="Message"> <message clientCredentialType="UserName" /> </security> </binding> </wsHttpBinding> 23
- 25. Transport Transport security depends on the mechanism that the binding you've selected uses. For example, if you are using WSHttpBinding then the security mechanism is Secure Sockets Layer (SSL) Pro: Generally speaking, good throughput no matter which transport you are using. Con: Security is implemented in a hop-by-hop manner rather than end- to-end. If you decide to use transport security for HTTP (in other words, HTTPS), you must also configure the host with an SSL certificate and enable SSL on a port. 24
- 26. Message Each message is encrypted Pros: End to End Security Because the composition of the headers varies, you can include any number of credentials for interoperability Con: Little bit of overhead, encrypting each message. 25
- 27. Setting the Client Credential Type The choice of client credential type depends on the security mode in place. For transport security you can require a Windows credential or certificate Message security supports any of the following settings for clientCredentialType: None Windows UserName Certificate IssuedToken 26
- 28. Setting the Client Credential Type This code snippet illustrates how to select a clientCredentialType for message security. <wsHttpBinding> <binding name="wsHttp"> <security mode="Message"> <message clientCredentialType=“Windows" algorithmSuite="TripleDes" /> </security> </binding> </wsHttpBinding> 27
- 29. Role-Based Authorization The identity of the caller is attached to the executing request thread in the form of a security principal, accessible through the CurrentPrincipal property. System.Threading.Thread.CurrentPrincipal Implements System.Security.Principal.Iprincipal This interface has two members: A read-only Identity property that returns a reference to the IIdentity for the request. When IsInRole() is invoked, it uses the configured RoleProvider to check if this identity is in the specified role. 28
- 30. Role-Based Authorization Using the PrincipalPermission Object Is the user authenticated? Is the user in a particular role? Is a particular user calling? [PrincipalPermission (SecurityAction.Demand, Role = "Administrators")] public string AdminsOnly() { // protected code } public string AdminsOnly() { // unprotected code PrincipalPermission p = new PrincipalPermission(null, "Administrators"); p.Demand(); // protected code } 29
- 31. Claims-Based Identity Model The identity model in WCF supports a rich, claims-based approach to authorization. Can add a welcome layer of granularity. Claims can be proof of possession of information such as an e-mail address, birth date, or first and last name. Custom claims can be created to indicate the ability to access specific business entities or their storage location. 30
- 32. Claims-Based Identity Model ServiceSecurityContext security = OperationContext.Current.ServiceSecurityContext; string user = security.PrimaryIdentity.Name; string email = null; IEnumerable<Claim> claims = security.AuthorizationContext.ClaimSets[0].FindClaims( ClaimTypes.Email,Rights.PossessProperty); foreach (Claim c in claims) { email = c.Resource as string; } if (string.IsNullOrEmpty(user) || email == null) throw new SecurityException( "Unauthorized access. Email claim not found."); 31
- 34. Impersonation When Windows credentials are used, the service can be configured to impersonate callers so that the request thread operates under the impersonated Windows token. [OperationBehavior(Impersonation = ImpersonationOption.Allowed)] public string DoSomething() { ... } ImpersonationOption.NotAllowed. The caller will not be impersonated. ImpersonationOption.Allowed. The caller will be impersonated if a Windows credential is provided. ImpersonationOption.Required. The caller will be impersonated and a Windows credential must be provided to support this. 33
- 35. Impersonation You can also set this for all operations by declaratively <behaviors> <serviceBehaviors> <behavior name="serviceBehavior"> <serviceAuthorization impersonateCallerForAllOperations=“true"/> </behavior> </serviceBehaviors> </behaviors> 34
- 36. Summary Which binding to use: WSHttpBinding – Default security for message encryption BasicHttpBinding NetMsmqBinding
- 37. Questions? Slide 36 Slides re-used from http://blogesh.wordpress.com/2009/02/11/wcf- presentation-slides/
- 38. RSM McGladrey, Inc. 80 City Square Boston, MA 02129 www.mcgladrey.com