| Subject: WCF Security Question |
| Group: microsoft.public.windows.developer.winfx.indigo |
| Date: 4/19/2008 2:28:01 PM |
| From: =?Utf-8?B?U2FyYXNhbQ==?= [Email Address Protection] |
i have a WCF service(hosted in IIS) with the following configuration: basichttpbinding MTOM Streaming(for file upload and download) now i want to implement a security system where i receive username/password only once. after which i want to issue a custom generated token which should be used for all subsequent calls to service. i also want to control the expiration and renewal of the issued token. what should be my approach in order to acheive this? please advice, if possible with some code sample. |
| Back |
| Subject: Re: WCF Security Question |
| Group: microsoft.public.windows.developer.winfx.indigo |
| Date: 4/24/2008 1:12:11 AM |
| From: Priya [Email Address Protection] |
Hi Sarasam, You need to use Federation binding and implement an STS that will issue the token. You can then use an authorization policy and/or authorization manager with your specific service, and with the service you can define MTOM for encoding. Priya On Apr 20, 2:28=A0am, Sarasam <Sara...@discussions.microsoft.com> wrote: > i have a WCF service(hosted in IIS) with the following configuration: > basichttpbinding > MTOM > Streaming(for file upload and download) > now i want to implement a security system where i receive username/passwor= d > only once. after which i want to issue a custom generated token which shou= ld > be used for all subsequent calls to service. i also want to control the > expiration and renewal of the issued token. what should be my approach in > order to acheive this? > please advice, if possible with some code sample. |
| Back |