I am working on a WCF service which is an instance of client application on net.tcp (which is my office Is being developed by another programmer)
At this time I'm using net.tcp without any security because I thought it was not necessary to set it at this level, at least as long as we were not close to rolling out .
> During the development of the WCF application, there may be a loss in using a standard binding (in my case net.tcp) without security, once the business logic is completed, all security requirements are met apply the? Is there something that I should be aware of that can not work after the implementation of security?
Your overall design should be considered security from the beginning, I do not think it should There is a good idea for a particular security strategy. You want to use some of your components in a non-secure way or in a different protocol that offers various security options.
So my answer is yes and no Yes, you need to think about it from the beginning, but you should not have your components linked with your security needs.
He said, because you know that you will use net.tcp, you must be aware that the transport security by default is on for this transport by default.
For more information, Juval Lovie's Superb, Chapter 10. Lowe, in your service modelX Library (discussed in length in the book) provides a very good framework that you can make by placing your own plug These can organize the components Even if this is not what you are looking for, you can adapt it to your needs.
Comments
Post a Comment