Monday, May 24, 2010

WCF Security and RIA Security in general

This is a very lazy post. I just read two really good articles on RIA (Rich Internet Application) Security and Wcf Security.  

My Lead In Intro:
Lets face it when it comes to client-side code (by this I mean anything running in a client's browser, javascript, Silverlight, Flash etc) it running in an insecure zone and you cannot prevent it from being disassembled, examined, and maliciously manipulated.  This boils down to: Its a waste of time trying to write clever security code in these kinds of apps.  Time is better invested in securing your Wcf Services.

PS: As a side bar, I spoke to a Mt Eden developer in January that didn't believe me when I was explaining the simplicity of implementing secure Wcf Services was not possible without considerable effort and code. You know who you are. This has been available since 3.5 service pack 1.

Cheers ;-)

No comments:

Post a Comment