WCF服务编程读书笔记（10）：安全

Example 10-1. Programmatically securing the basic binding

BasicHttpBinding binding1 = new BasicHttpBinding(BasicHttpSecurityMode.Message);
BasicHttpBinding binding2 = new BasicHttpBinding( );
binding2.Security.Mode = BasicHttpSecurityMode.Message;

Example 10-2. Administratively securing the basic binding

<bindings>
　　<basicHttpBinding>
　　　　<binding name = "SecuredBasic">
　　　　　　<security mode = "Message">
　　　　　　</security>
　　　　</binding>
　　</basicHttpBinding>
</bindings>

Example 10-3. Providing alternative Windows credentials

NetworkCredential credentials = new NetworkCredential( );
credentials.Domain = "MyDomain";
credentials.UserName = "MyUsername";
credentials.Password = "MyPassword";

MyContractClient proxy = new MyContractClient( );
proxy.ClientCredentials.Windows.ClientCredential = credentials;

proxy.MyMethod( );
proxy.Close( );

Example 10-4. Explicit impersonation and reversion

Example 10-5. Implementing SecurityHelper.ImpersonateAll( )

Example 10-6. Declarative role-based security on the intranet

Example 10-7. Programmatic role-based security

Example 10-8. Configuring the service certificate

Example 10-9. Validating the service certificate

Example 10-10. Providing username and passwords credentials

Example 10-11. Internet security with Windows credentials

Example 10-12. Internet security using an ASP.NET SQL Server provider

Example 10-13. Configuring the application name for the membership provider

Example 10-14. Configuring the application name for the role provider

Example 10-15. ASP.NET role provider declarative role-based security

Example 10-16. Configuring the host for business-to-business security

Example 10-17. Setting the client’s certificate

Example 10-18. ASP.NET role-based security for the business-to-business scenario

Example 10-19. The SecurityBehaviorAttribute

Example 10-20. Implementing SecurityBehaviorAttribute

Example 10-21. Implementing SecurityBehavior (partial)

Example 10-22. Adding declarative security for ServiceHost<T>

Example 10-23. The SecurityHelper helper class

Example 10-24. Implementing SecurityHelper (partial)

Example 10-25. The SecureClientBase<T> class

Example 10-26. Implementing SecureClientBase<T> (partial)

Example 10-27. The SecureChannelFactory<T>

Example 10-28. The SecureDuplexClientBase<T,C> class

Example 10-29. The SecureDuplexChannelFactory<T,C>

Example 10-30. The ServiceSecurityAuditBehavior class

Example 10-31. Configuring a security audit

Example 10-32. Enabling a security audit programmatically

Example 10-33. Implementing the SecurityAuditEnabled property

Example 10-34. Implementing a declarative security audit