patterns & practices WCF Security Practices at a Glance Now Available

Article
05/09/2008

For this week's release in our patterns & practices WCF Security Guidance project, we released our first version of our WCF Security Practices at a Glance. Practices At a Glance gives you a bird's-eye view of how to perform common tasks. They are scannable and outcome-driven so that you can quickly browse the problem/solution pairs. Rather than a laundry list of granular tasks, we organize them by our Web Services Security frame (still evolving.)

Categories
Here's how we grouped our WCF Security Practices at a Glance so far:

Auditing and Logging
Authentication
Authorization
Configuration Management
Deployment Considerations
Exception Management
Hosting
Impersonation/Delegation
Input Validation
Message Security
Proxy Considerations
Sensitive Data
Transport Security

Here's a snapshot of the problems solved from our Practices At a Glance, but you can see our answers explained at our WCF Security Guidance project site.

Auditing and Logging

How to audit authentication events
How to audit authorization events
How to enable WCF message logging
How to enable WCF tracing
How to use Health Monitoring in WCF
How to view log information
How to view trace information
How to log traces to a WMI provider
How to turn off audit failure suppression

Authentication

How to authenticate users against the SQL Membership Provider
How to authenticate users against Active Directory
How to authenticate users against Active Directory without windows authentication
How to authenticate users with certificates
How to map certificates with windows accounts
How to authenticate users against a custom user store
How to authenticate users with Kerberos direct to support non-WCF clients with windows authentication

Authorization

How to authorize imperatively
How to authorize declaratively
How to authorize users against Windows groups
How to authorize users against Windows groups using the AspNetWindowsTokenRoleProvider
How to authorize users against the SQL Role Provider
How to authorize users against the ASP.Net Role Provider
How to assign the current principal with IAuthorizationPolicy to allow authorization using custom authentication

Configuration Management

How to encrypt sensitive data in your configuration files
How to run your service under a specific identity
How to create a service account for your WCF service
How to stop clients from referencing your service
How to protect against message replay attacks

Deployment Considerations

How to configure certificates to enable SSL in IIS
How to map Windows accounts with certificates
How to create a Service Principle Name (SPN)
How to configure WCF for NATs and Firewalls
How to create an X.509 certificate

Exception Management

How to shield exception information with fault contracts
How to create an error handler to log details of faults for auditing purposes
How to handle unhandled exceptions in downstream services
How to throw an exception with complex types or data contracts with a fault exception
How to handle unknown faults in a service
How to implement a data contract to propagate exception details for debugging purposes
How to implement fault contracts in call back functions

Hosting

How to host WCF in IIS
How to host WCF in a Windows service
How to self-host WCF
How to configure a least-privilege account to host your service

Impersonation/Delegation

How to choose between trusted subsystem and impersonation/delegation
How to impersonate the original caller when using Windows authentication
How to impersonate programmatically in WCF
How to impersonate declaratively in WCF
How to delegate the original caller to call backend services when using Windows authentication
How to impersonate the original caller without Windows authentication
How to impersonate the original caller using S4U Kerberos extensions.
How to delegate the original caller using S4U Kerberos extensions.
How to impersonate and delegate using LogonUser Windows API
How to flow the original caller from an ASP.NET client to WCF
How to control access to a remote resource based on the original callers identity.

Input Validation

How to protect your service from malicious messages
How to protect your service from malicious input
How to protect your service from denial of service attacks
How to validate parameters with parameter inspectors
How to validate parameters with message inspectors using schemas
How to validate data contracts with message inspectors using schemas
How to validate message contracts with message inspectors using schemas
How to use regular expressions validate format, range and length in schemas
How to validate inbound messages on a service
How to validate outbound messages on a service
How to validate outbound messages on the client
How to validate inbound messages on the client
How to validate input parameters
How to validate output parameters

Message Security

How to use message security
How to partially encrypt a message
How to use out-of-band credentials with message security

Proxy Considerations

How to avoid proxy spoofing
How to expose service metadata for your clients
How to create a proxy to a service hosted in IIS that requires certificate authentication and transport security

Sensitive Data

How to encrypt sensitive data in configuration files
How to protect sensitive data in memory
How to protect sensitive data on the network

Transport Security

How to use transport security
How to use secure conversations in WCF

X.509 Certificates

How to create a temporary X.509 certificate for transport security
How to create a temporary X.509 certificate for message security
How to create a temporary X.509 certificate for certificate authentication

My Related Posts

patterns & practices WCF Security Practices at a Glance Now Available

Additional resources