WCF distributed development step by step wins: WCF Security programming-basic concepts

WCF security is a very complex issue because there are more knowledge points involved, so today's article analyzes what knowledge should be learned about WCF security development. How to view the data. To better understand WCF security-related knowledge, I sorted the WCF security mechanism's main knowledge points into charts. This chapter focuses on the basic concepts of WCF security mechanisms.

To learn about WCF security programming, what basic knowledge should you learn first? Many times because of the lack of system security concepts, in the development of WCF security programming, encountered many problems, such as the certificate, the concept that many beginners in the first contact time spent a lot of time. I went through a lot of information when I was doing WSE security development. So what is the knowledge that WCF security development should grasp? Today we are here to do a detailed introduction:

Windows Communication Foundation (WCF) is a distributed programming platform based on SOAP messages, and we can use existing technologies (such as HTTPS), Windows integrated security, or the user Authenticated user names and passwords generate secure distributed applications. WCF provides a common platform for interoperable secure message exchange based on the existing security infrastructure and the proven security standards for SOAP messages. By using WCF security, we can interact with service and client data across multiple Windows domains over the internet. Some of the knowledge points about WCF security are described below:

"0" Security development must be knowledge points:

(1) Symmetric encryption Algorithm Des, also known as the key algorithm.

(2) Asymmetric encryption algorithm, also known as Public key algorithm. Use a pair of keys to work with. such as RSA algorithm;

(3) Hashing algorithm: MD5 (Message DIGEST5 Digest algorithm), sha1,sha256 and other concepts. The signature is also in the application of the hashing algorithm.

(4) ws-security safety specification. This is an important security specification that is supported from Web service, WSE3.0 to current WCF services.

(5) certificate. This is an application of asymmetric encryption. CA Certificate Management Authority. How to create certificates and manage certificates. and other concepts have some understanding.

The algorithm here mainly discusses how to apply, namely how to encrypt, decrypt, message signature and so on. You will have a better understanding of WCF security when you understand these concepts.

In fact, this issue has been discussed in detail in the WSE3.0 Building Web Services Security (4) series. If you have seen this series of articles, it will be much easier to understand the relevant concepts. Safety related knowledge points are introduced, this is also why took time to learn WSE3.0 reasons. You can refer to WSE3.0 Building Web Services Security (1): WSE3.0 security mechanism and instance development and WSE3.0 Building Web Services Security (2): Asymmetric encryption, public key, key, certificate, signature differences and contacts, and X.509 certificate acquisition and management. The following discussion supplements the article. Covers almost all the basic knowledge points of all WCF security needs.

"1" WCF Authentication mechanism:

WCF is a good combination of authentication mechanisms on existing Windows platforms, and also supports ws-security security specifications, as well as user-defined extended authentication modes, security token methods. If you are concerned about WSE3.0 related technical articles, it must feel familiar that these security mechanisms have been fully supported in WSE3.0. These are the best proof of WCF's claim to inherit the WSE security mechanism. Continuation of the Microsoft platform's consistent approach. Reuse and extension of excellent models. The concept of security can be referred to WSE3.0 Building Web Services Security (1): WSE3.0 security mechanism and instance development. The authentication mechanism supported by WCF can refer to the following figure: