I have a WCF service that is hosted in a windows application. The service uses netMsmqBinding. The client and the host are in different domains. My question is how do I configure the security settings?
The data that is transferred is sensitive so I would like to secure the communication between the client and the host of the service. The only problems is that I don't know how to do it... (I don't want to use certificates) Any help would be appreciated!
MSMQ is generally not suitable for use over the Internet (if that is what you plan to do). Otherwise I don't think you can avoid certificates if you want message-level security.
But MSMQ is my only option since the client and the server are not always online at the same time. I mean there are disconnected calls and according to the MSDN it is recommended using MSMQ in such cases.
So certificate is the only option with message level security? And what about transport level security?
You might want to look at this Article from MSDN to see what options you have. You can also implement a custom binding where transport and encryption of message is implemented to your choice. Btw here is the link.
I have my doubts that WCF will work as you expect in this scenario. Where is MSMQ hosted? On the "server" or on the "client"? Or is there an independent MSMQ host? When disconnected, I believe the only system that will work is the one hosting MSMQ. The other system will fail to initialize WCF.
If your systems are on different domains, but the same AD forest, then you can use Domain Authentication transport security. If they are on forests entirely, then you must encrypt the payload yourself or rely on message-level security--i.e. certificates.
If the header is not sensative (i.e. the name of the function you are calling, who is invoking it, etc), then you can manually encrypt the payload. i.e. serialize your data to binary or xml, encrypt the serialized object, and then invoke your WCF method with the resulting byte-array as the argument.
You haven't explained why you want to avoid certificates. Clearly there's another constraint that you have not told us. Why not use certificates?
you can easily use transport security by specifying appropriate property on the binding if you need message level security, certificates are your best option.
I suggest obtaining a copy of Juval Lowy's "Programming WCF Services" by O'Reilly. He has an entire chapter dedicated to using WCF with MSMQ.
James Schek: It works perfectly when I run it without security (no matter where is the MSMQ). In my case the MSMQ is hosted on the server and if it is down - then the client's messages stay in its outgoing queue and when the MSMQ is up and running again all messages are sent - this is the power of MSMQ and is the expected behavior (that is why all messages sent over MSMQ must be OneWay, because we don't know when the server or the client are online - we just want the messages delivered).
One of the administrators in our organization asked me if there is other way (instead of certificates) - that is why I am asking (he wants to know all possible ways of securing in this scenario).
I am in work group mode and not in domain mode! So I am not able to use Domain...and there is not AD at all.