patterns & practices Improving Web Services Security Guide

  •        86

Guidance for building secure Web services. Includes design and implementation guidance for WCF security scenarios. Prescriptive guidance includes guidelines, checklists, key security practices, end-to-end application scenarios, and step-by-step How Tos.

http://wcfsecurityguide.codeplex.com/

Tags
Implementation
License
Platform

   




Related Projects

patterns & practices: WCF Security Guidance


Proven Practices, end-to-end application scenarios, guidelines, Q&A, and task-based how-tos for building secure distributed applications with WCF (Windows Communication Foundation).

WCF Guidance for WPF and Mobile Developers


This project is a collection of guidance for WPF and Windows Mobile application developers related to WCF development. It includes whitepapers, webcasts, code samples, and templates related to WCF, federated security, and CardSpace development for the client.

WPF Guidance for Claims-Based and Federated Security Models


This project includes a whitepaper, code samples that are reference implementations providing guidance for building claims-based and federated security models that involve WPF clients with WCF and Geneva Framework. Note that Geneva Framework is not required for the WPF client.

Smart WCF Client Wrapper


This is a smart WCF client wrapper that keeps your code clean, and hides common beginner mistakes from the end user. This code handles - EventHandler Cleanup - Exception Managment - Reliable and efficient reuse of the proxy - Cleanup of the proxy - Clean "using(...)" m...

patterns & practices Guidance Explorer


Guidance Explorer is a tool to find and use relevant patterns & practices guidance. Guidance Explorer installs with a guidance library including performance and security topics for .NET and ASP.NET applications. The guidance library contains checklists and guidelines covering des



WCF Load Test


This tool takes a WCF trace file and a WCF client proxy, or a WCF interface contract, and generates a C# unit test that replays the same sequence of calls found

Security Foundation -- WCF based SSO


This project was started as a WCF based SSO solution that serves ASP.NET websites (through membership providers ) and other winform / web services. Then we realized that we need to bring in claim-based funcitionalities and make it work as our own identity foundation.

Service Invocation Framework


Lightwave framework for service invocation. Includes pipelines for cross-cutting logic (transactions, logging, security), adapters for common transport protocols (MTOM, SOAP, Remoting, etc) and a dynamic proxy factory (ala WCF).

Prism tutorial


Prism tutorial is a sample application that uses the Microsoft Adventure Works Light database to demonstrate how to build an application that uses: Entity Framework WCF WPF Prism Enterprise Library for the application blocks

WCF Guidance for WPF Developers


This project includes a whitepaper, code samples and a short webcast series to help Windows Presentation Foundation (WPF) developers work with WCF services. Topics: proxies, shared libraries, exception handling, concurrency, multithreading, hosting services, and REST-based.

patterns & practices: Windows Azure Security Guidance


Proven Practices, end-to-end application scenarios, guidelines, Q&A, and task-based how-tos for building secure cloud applications with Azure.

SharePoint Cross Site Collection Security Trimmed Navigation


This SP2010 project will show security trimmed navigation that works across site collections. The project is written for SP2010, but can be easily made to work in SP2007.

Web Service Software Factory


The Web Service Software Factory (also known as the Service Factory) is an integrated collection of tools, patterns, source code and prescriptive guidance. It is designed to help you quickly and consistently construct WCF Web services that adhere to well known architecture.

amundmo-myRequirements


myRequirements is a Silverlight web-application with the intention to make more secure software. The basic of the tool is to make it easier for the developers to find good security requirements. Also, the tool presents guidelines on security measures in form of security design patterns that the user should use based on the requirements that they have selected. The tool utilizes the potential of security requirement patterns and how they can be connected to security measures. For now, the tool is

ansible-lockdown - Ansible playbook roles for security


Ansible Lockdown is a collection of Ansible roles related to security automation. All roles included in this project must meet the contribution guidelines.Some roles referenced in this project are a collaborative effort between Ansible and our IT Security partner MindPoint Group to provide you with thorough, vetted, and trusted security roles that you can integrate with any of your existing playbooks or as the building blocks for completely new playbooks. Other roles included in this project, while not vetted by MindPoint Group, have been deemed by the maintainers and community to meet the contribution guidelines.

A simple windows service to host WCF or WF services


This little dll makes it easy to : - host a WCF server in a win-service, - handle faulted exceptin to restart your WCF server in case of failure and restart it, - Create an installer for that service, - Access the WCF server directly, in case of Singleton pattern, for WF host...

WCF Test Harness


The WCF Test Harness is a flexible tool that can be used to quickly test services. The utility is a windows application that uses WCF to submit requests via a given URL or proxy class. This utility is similar to other service test tools, notably WCF Load Test and SOAP UI.

WCF LOB TCP Adapter


WCF LOB TCP adapter will make it easy for BizTalk, WCF and WWF services to communicate with a TCP server. you will no longer worry about managing TCP clients, openning closing connections. This project was built using WCF LOB Adapter SDK 2.0

Connected Information Security Framework


The intent of this framework is to provide building blocks in terms of loosely coupled reusable application modules for developing various connected applications for Information security domain.