I am using VSTS 2008 + C# + .Net 3.5 + Silverlight 3.0. I host a WCF service in IIS 7.0. My question is, besides using https + basicHttpBinding, are there any other security solutions? I want to find a security solution which does not need certificate on server side. I am not sure whether message security works without certificate and works also for Silverlight.
1 Answers
2
votes
If you're not going to be using a certificate of some sort on the server side (I'm assuming you weren't referring only to SSL, but also to putting a certificate on the box to support WS-Security standards), the best you're going to be able to do is Username/Password.
Here's a link on Implementing Username Password & WS-Security with Silverlight.
