Solved

WCF binding security mode in app config is confusing

Posted on 2010-08-21
1
1,732 Views
Last Modified: 2012-05-10
I am confused by some of the security settings in WCF, when you are making configuration settings in the host app config.  The issue centers on the following nodes:
<binding>
  <security mode = "" >
     <transport ...  />
     <message .... />

Learning WCF, by Bustamante, says that the defaults for wsHttpBinding and netTcpBinding are:

<binding>    <!-- for wsHttpBinding  -->
  <security mode = "Message" >
     <transport ...  />
     <message .... />

<binding>    <!-- netTcpBinding  -->
  <security mode = "Transport" >
     <transport ...  />
     <message .... />

What confuses me is why are both <transport> and <message> used?  For all the other standard bindings defaults the @mode value and the child element to <security> match up one-to-one.  (If mode=Message then they use security/message; if mode=transport, then they use security/trnasport)

I guess I dont understand the meaning of <security mode="" >   The text (and msdn) explains "mode" with statements like, "this configures the binding for transport security" or "this configures the binding for message security"

What are the meanings of security/@mode and security/transport and security/message; and how do the interact and/or depend on each other?
0
Comment
Question by:pdschuller
1 Comment
 
LVL 3

Accepted Solution

by:
with earned 500 total points
ID: 33494378
The "mode" is the controlling factor; it establishes how security is going to work.  Beyond that, additional configuration information will be read from child elements <transport> and <message>, if present, and as they pertain to the selected mode.

Depending on your selected mode, <transport> or <message> may not be applicable.  For instance, mode "None" disables security and anything else you put in there gets ignored.  Because some modes like TransportWithMessageCredential use both elements <transport> and <message>, these elements must both remain simultaneously permissible by the XML schema itself.  Whether they'll actually be used depends on the mode.

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Want to post very large amout of data to server 8 58
How to set base address for WCF in IIS 7 299
WCF Client digital signature 1 148
How to do live video streaming 6 87
This tutorial will show you how to add an attribute to an XML (http://en.wikipedia.org/wiki/XML) stream returned from a Windows Communication Foundation (http://en.wikipedia.org/wiki/Windows_Communication_Foundation) (WCF) Web Service.  Some knowled…
While working on Silverlight and WCF application, I faced one issue where fault exception occurred at WCF operation contract is not getting propagated to Silverlight client. So after searching net I came to know that it was behavior by default for s…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now