Menu
How do you set a WCF customBinding to use only transport level security?
If it were a wsHttpBinding, it would be:
<security mode="Transport" />
The scenario is I am calling a Java SOAP service that uses transport-only security. No message signing.
893
Transport Mode is a method of sending data over the Internet where the data is encrypted but the original IP address information is not. The Encapsulating Security Payload (ESP) operates in Transport Mode or Tunnel Mode. In Transport Mode, ESP encrypts the data but the IP header information is viewable.
The transport security for this binding is Secure Sockets Layer (SSL) over HTTP, or HTTPS. To create an WCF application that uses SSL, use IIS to host the application. Alternatively, if you are creating a self-hosted application, use the HttpCfg.exe tool to bind an X. 509 certificate to a specific port on a computer.
Primarily BasicHttpBinding is designed to exchange SOAP over HTTP(s) only, just like old ASMX or . net web services and supports the WS-I BasicProfile. WsHttpBinding supports the advanced WS-* specification which includes WS-Addressing and WS-Security etc.
To do this, you add the individual binding elements to a collection represented by an instance of the BindingElementCollection class, and then set the Elements property of the CustomBinding equal to that object.
This may be quite context specific, but I needed to use:
<security authenticationMode="MutualCertificateDuplex" />
There are many more "authentication modes" than there are "modes".
112
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With