WCF Security Username/password

1. Transfer Security

Transfer security includes three main aspects: message integrity (Messages Integrity), message confidentiality (messages confidentiality), and interactive validation (Mutual authentication) "。

Message integrity must ensure that the message is not tampered with during transmission. The received message is complete and correct, the message confidentiality must ensure that the message is not consulted by any third party, and the content of the message is not leaked to any unrelated person, whereas interactive authentication means that the client and server must have some trust mechanism to establish the correct connection. Interactive authentication also monitors and blocks denial of service attacks (DOS). The common practice is to digitally sign messages to ensure their integrity, using asymmetric encryption algorithms to block message content, while user name/password, X.509 digital certificate can be used to verify the identity of the other, where we mainly describe how to use the user name/password authentication method in WCF.

2. Create X.509 digital certificate:

To authenticate by using the Username/password method, we need to install a certificate for the server, which is created because the user name and password need to be encrypted during the transmission of the client and service, otherwise there will be no security. X.509RD uses asymmetric encryption plus technology. Encrypt the client username and password with the public key and decrypt it with the private key at the server, so we have to create the certificate. Execute under Command commands in VS2008 tool: Makecert-r-pe-n "Cn=temp"- SS My-sky Exchange. We can generate a temp certificate for the server. The following figure shows.

Click View to view more information: