The Service Bus allows a Windows Communication Foundation-based (WCF) application to listen at a public network address, even if the application is located behind a NAT or network firewall.
Another core part of the solution is the Access Control service, a publicly accessible identity and authentication management service. The Access Control service is based on a public Security Token Service (STS). The STS is in charge of authenticating and authorizing both the client and the service that want to use the Service Bus.
Credential Type
The service has to authenticate to the Access Control Service to be able to use the Service Bus. The transportClientEndpointBehavior allows you to specify the Credential type to be used to authenticate the service.
<system.serviceModel>
| UserNamePassword | is an alternative for applications with non-interactive requirements that allows you to set a username and password to authenticate to the identity service |
| X509Certificate | allows you to use an X509 certificate |
| CardSpace | In this case, using CardSpace, the Windows Cardspace selector is launched, the user selects an information card and a token is sent to the service. |
| AutomaticRenewal | allows you to use CardSpace to authenticate but in addition it will automatically retrieve new tokens from the STS before the original token has expired. This is especially useful in scenarios where an application needs to run indefinitely without prompting for user credentials upon token expiration, such as with a service. |
| FederationViaCardSpace | allows you to use CardSpace to authenticate but enables you to control which claims and/or issuer are required for a token issuer. |
