• Online, Self-Paced
Course Description

WCF, similar to any Web Service, must be secured. In this course, you will learn about WCF Security, transport security, and message security. Additionally, you will be introduced to client authentication and authorization.

Learning Objectives

WCF Streams

  • start the course
  • use WCF Stream operations to handle both requests and provide responses
  • work with the WCF Duplex messaging pattern to create a Duplex service
  • create a service using Asynchronous service operations


  • describe the aspects of building secure applications
  • describe the aspects of security that the WCF Framework provides and those that must still be addressed in development

Transport Security

  • describe how to use a secured channel to convey data securely between a client and a service
  • configure a service and client to securely transport data, including configuring IIS to use HTTPS
  • work with transport security to consume a secure WCF service

Message Security

  • describe the benefits and limitations of using WCF message security
  • configure the bindings for a service to support message security
  • configure a client to consume a service secured with message security
  • use message credentials and transport security to secure communications

Authentication and Authorization

  • describe how to authenticate clients and use role-based authorization
  • authenticate clients using a username and password
  • create a custom username and password validator
  • use role-based permissions to grant and deny access

Practice: Security for WCF

  • use transport and message security to protect communications and use client authentication and authorization to provide access to services

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Software Development