Authorization in WCF

Authorization is the process of controlling access and rights to resources, such as services or files. The topics in this section show you how to perform this basic task in Windows Communication Foundation (WCF) in a variety of ways.

In This Section

Access Control Mechanisms
Provides a brief outline of the authorization mechanisms in WCF, and suggested uses.

How to: Restrict Access with the PrincipalPermissionAttribute Class
Shows the process of restricting access to a service with the PrincipalPermissionAttribute.

How to: Use the ASP.NET Role Provider with a Service
Walks through the configuration of a service to enable it to use the role provider feature of ASP.NET.

How to: Use the ASP.NET Authorization Manager Role Provider with a Service
ASP.NET can use the Authorization Manager to manage authorization for a Web site. WCF can similarly leverage the ASP.NET/Authorization Manager combination for authorization of clients.

Managing Claims and Authorization with the Identity Model
Explains the basics of using the Identity Model infrastructure for claims-based authorization.

Delegation and Impersonation
Explains the difference between delegation and impersonation.

Reference

System.ServiceModel.Security

PrincipalPermissionMode

ServiceAuthorizationBehavior

PrincipalPermissionAttribute

Authentication

See Also

Security Overview
Security Model for Windows Server App Fabric