Securing WCF service using basicHttpBinding which supports streaming

Question

My question is in regards to the best (aka \"least painful\") way to secure access to a WCF service that is only exposed to our company\'s internal users. The goal is to ensure

Answer 1

If you want to use basicHttpBinding (for interop) you can only pass your credential at the message level. You have to set your security configuration to TransportWithMessageCredential.

To do that you have to create a SSL channel, so you need a certificate at server side, and it's not necesary for a cliente to have one.