Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Distribution and Integration
Technologies
Services Security
APM@FEUP WCF Security 2
WCF security aspects
Information communication (transfer) security
Aspects
• Privacy (or confidentiality) – Encryption
• Integrity – Hash and signature
Levels
• Transport – Use of a secure communications protocol
Can be HTTPS, TCP, Pipe or MSMQ. Guarantees point to point security if
there are no intermediaries
• Message – Security applied to message contents only. Independent
from transport protocol. Can present less performance than using
transport.
Authentication User identification from client. Service identification from host.
Authorization Execution permission based on user identity or on roles associated to
users
APM@FEUP WCF Security 3
Privacy and integritymessage private
key
private
key
public
key
public
key
hash
encoding using
own
private key encoding using
service
public key
decoding using
own
private key
encoded
hash
decoding using
client
public key
hashhash
valid message
if the same
calculation
calculation
asymmetric key
security
APM@FEUP WCF Security 4
Information transfer
The transfer security is configured with each Binding
Many Bindings have some sort of security already configured by
default
Not everyone support every type of security
Some authentication information can be added to the message
Name None Transport Message
BasicHttpBinding Yes (default) Yes Yes
NetTcpBinding Yes Yes (default) Yes
NetNamedPipeBinding Yes Yes (default) No
WSHttpBinding Yes Yes Yes (default)
WSDualHttpBinding Yes No Yes (default)
NetMsmqBinding Yes Yes (default) Yes
APM@FEUP WCF Security 5
Transfer and client credentials (1)
Each Binding and transfer security level allows only
certain types of client credentials
With transport level security
Name None Windows Username Certificate
BasicHttpBinding Yes (default) Yes Yes Yes
NetTcpBinding Yes Yes (default)* No Yes
NetNamedPipeBinding No Yes (default)* No No
WSHttpBinding Yes Yes (default) Yes Yes
WSDualHttpBinding N/A N/A N/A N/A
NetMsmqBinding Yes Yes (default)* No Yes
* Allows the generation of encryption keys without a certificate
APM@FEUP WCF Security 6
Transfer and client credentials (2)
Each Binding and transfer security level allows only
certain types of client credentials
With message level security
Name None Windows Username Certificate Issued token
BasicHttpBinding No No No Yes No
NetTcpBinding Yes Yes (default)* Yes Yes Yes
NetNamedPipeBinding N/A N/A N/A N/A N/A
WSHttpBinding Yes Yes (default) Yes Yes Yes
WSDualHttpBinding Yes Yes (default) Yes Yes Yes
NetMsmqBinding Yes Yes (default)* Yes Yes Yes
* Allows the generation of encryption keys without a certificate
APM@FEUP WCF Security 7
Tcp with message level security
Can be used without certificates with Windows
authentication
Just needs to configure the Binding transfer parameters
<bindings>
<netTcpBinding>
<binding name="CalcServiceTcpBinding">
<security mode="Message">
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
…
<services>
<service ….
<endpoint binding="netTcpBinding"
bindingConfiguration="CalcServiceTcpBinding" …
APM@FEUP WCF Security 8
Using the Service Configuration Editor
1. Create a binding
compatible with the
endpoint
2. Give the binding a name
3. Configure security in the
appropriate pannel
4. Associate the binding to
the endpoint (in the
endpoint proprieties)
selecting the same name
chosen in step 2.
APM@FEUP WCF Security 9
HTTP with encryption (SSL)
We need to install a certificate signed by a ‘certification
authority’
Configure the Binding (HTTP) for the required transfer
and authentication security
The certificate should have the same name as the server
The address should use the protocol https://...
The http driver installed in the operating system should
use the certificate in the wanted IP address and port
Windows has command line tools for this configuration
• httpcfg.exe in WindowsXP
• netsh in Windows Vista or later
• There are also graphical tools available
APM@FEUP WCF Security 10
Host configuration
APM@FEUP WCF Security 11
Client configuração
APM@FEUP WCF Security 12
Authorization (windows users & groups)
It is possible to configure conditions for the execution of
the operations in a service
Limit the allowed users
Allowing users in roles (by default roles are translated into
Windows groups)
Using the [PrincipalPermission] attribute applied to the
operation implementation
[PrincipalPermission(SecurityAction.Demand, Name=“machine\\user”)]
public double SqRoot(double val) {
…
}
[PrincipalPermission(SecurityAction.Demand, Role=“ServiceUsers”)]
public double Add(double val1, double val2) {
…
}
Custom authentication (for username)
We can define in the host a validation class to
authenticate clients based on username and password
This class is indicated in a service behavior
APM@FEUP WCF Security 13
We have next to implement
a class in an assembly
available to the host (can be
the host assembly)
That class must derive from
the abstract class
UserNamePasswordValidator
and implement the
Validate method
The custom validation class
APM@FEUP WCF Security 14
public class UserValidator : UserNamePasswordValidator {
public override void Validate(string userName, string password) {if (null == userName || null == password)
throw new FaultException("Username or password not specified.");
if (!(userName == "Any" && password == "Some") &&!(userName == "TheOne" && password == "Other"))throw new FaultException("Unknown username or password.");
}}
A small example of a custom validation class
Note: user names and passwords should never be directly coded in the class.
Some more elaborate scheme using databases, encryption or hashes should
be used instead.
Java EE security
APM@FEUP WCF Security 15
Security realm
- File
- Database
- LDAP
- Certificate
- Custom
Application Server
App Client Container
Application
EJB Container
Web Container
EJBs
WSs
Web App
WSs
Browser
-Users
-Groups
AUTHENTICATION
AUTHORIZATION
Authtentication process
APM@FEUP WCF Security 16
Authorization
APM@FEUP WCF Security 17
Beans and methods can have authorization roles associated
- Annotations
- Users and Groups must be mapped to roles