Solved

WCF binding security mode in app config is confusing

Posted on 2010-08-21
1
1,730 Views
Last Modified: 2012-05-10
I am confused by some of the security settings in WCF, when you are making configuration settings in the host app config.  The issue centers on the following nodes:
<binding>
  <security mode = "" >
     <transport ...  />
     <message .... />

Learning WCF, by Bustamante, says that the defaults for wsHttpBinding and netTcpBinding are:

<binding>    <!-- for wsHttpBinding  -->
  <security mode = "Message" >
     <transport ...  />
     <message .... />

<binding>    <!-- netTcpBinding  -->
  <security mode = "Transport" >
     <transport ...  />
     <message .... />

What confuses me is why are both <transport> and <message> used?  For all the other standard bindings defaults the @mode value and the child element to <security> match up one-to-one.  (If mode=Message then they use security/message; if mode=transport, then they use security/trnasport)

I guess I dont understand the meaning of <security mode="" >   The text (and msdn) explains "mode" with statements like, "this configures the binding for transport security" or "this configures the binding for message security"

What are the meanings of security/@mode and security/transport and security/message; and how do the interact and/or depend on each other?
0
Comment
Question by:pdschuller
1 Comment
 
LVL 3

Accepted Solution

by:
with earned 500 total points
ID: 33494378
The "mode" is the controlling factor; it establishes how security is going to work.  Beyond that, additional configuration information will be read from child elements <transport> and <message>, if present, and as they pertain to the selected mode.

Depending on your selected mode, <transport> or <message> may not be applicable.  For instance, mode "None" disables security and anything else you put in there gets ignored.  Because some modes like TransportWithMessageCredential use both elements <transport> and <message>, these elements must both remain simultaneously permissible by the XML schema itself.  Whether they'll actually be used depends on the mode.

0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

This tutorial will show you how to add an attribute to an XML (http://en.wikipedia.org/wiki/XML) stream returned from a Windows Communication Foundation (http://en.wikipedia.org/wiki/Windows_Communication_Foundation) (WCF) Web Service.  Some knowled…
Here I am going to explain creating proxies at runtime for WCF Service. So basically we use to generate proxies using Add Service Reference and then giving the Url of the WCF service then generate proxy files at client side. Ok, what if something ge…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now