WCF Security - Input/Data Validation Sample Visual Studio Project
Input and Data Validation is one of the core security principles. WCF is no exception. To get most out of WCF in secure way one must implement proper Input and Data Validation.
I was following instructions on How To – Perform Input Validation in WCF compiled by patterns&practice team lead by JD Meier.
In a nutshell the process consists of creating 3 classes and tweaking a config file a "bit".
From the guide:
- Step 4 – Create a Class That Implements the Validation Logic
- Step 5 – Create a Class That Implements a Custom Endpoint Behavior
- Step 6 – Create a Class That Implements a Custom Configuration Element
- Step 7 – Add the Custom Behavior to the Configuration File
- Step 8 – Create an Endpoint Behavior and Map It to Use the Custom Behavior
- Step 9 – Configure the Service Endpoint to Use the Endpoint Behavior
I ended up with working sample built with Visual Studio 2008. I though it'd be good idea to share it to help you boost your productivity.
Grab the Visual Studio project on my SkyDrive here.
Enjoy
Comments
- Anonymous
May 25, 2008
WCF offers very flexible approach of Input and Data Validation based on XML Schemas. The approach is