WCF – Hellish Configuration

I love WCF, I think it is the most useful thing that came with the .NET 3.0 framework. On the other hand, I do not love the nightmarish configuration process. Configuring a WCF service might be harder than solving that puzzle-box from the Hellraiser movies and probably just as painful.

The WCF configuration tool only makes it slightly easier to configure. It is a GUI representation of the XML that is the WCF configuration. Greeeeaat, a GUI tool for something I don’t understand… that will make it easier (sarcasm). There really isn’t as much guidance as I’d like in the tool itself.

The configuration process is a hard one and I can feel my head throbbing from all the information being absorbed about certificates, identities, and transport vs. message security. The configuration process of a WCF service seems to be the biggest complaint of other developers, I know it’s slowed down a couple of projects I was involved in. If you are in the same boat of trying to figure out the best way to secure your WCF service then I have a site for you.

Those Patterns and Practices guys have a very cool site on CodePlex. The guide was released in 08/01/08, but still good.

http://www.codeplex.com/WCFSecurity

It has amazing walkthroughs on how to setup authentication, authorization, and security for your WCF services. Videos are included on the site as well. So until WCF configuration becomes easier in .NET 4.0 you can muddle your way through with a little help from the P&P; guys.

Hope this helps, and be careful not to open up any gateways to hell while trying to configure your service. 😛