Here is my scenario, I have a WCF Service that is hosted on in internal server behind a firewall.
The client is a web application that resides on the web server in the DMZ. The firewall is open on a port between the two nodes so the connection can be made from the client to the server.
What type of binding do I need to be using for security here. Do you know of an example program or tutorial?
When I search for this, all i find is where the service is being used by clients across the internet and using windows authentication or prompting for a user name and password.
I just need our app on the web server to talk to the web service. Any recommendations are appreciated. Thanks!
Also, my web service is running as a console application.
If you're in control of both ends of the solution (web server (client) in DMZ and console app (server) behind), then why not go with a NetTcpBinding?
It sounds like you don't need credentials passed along with the message (besides a user id or some type of identifier passed in the message), so you can use this binding using TcpClientCredentialType.None.
Here's a good description of the security features of each built-in WCF binding. The description of NetTcpBinding is about 1/3 of the way down the page.
I hope this helps.