Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to use custom binding in WCF and keep message security mode with username client credentials?

Tags:

c#

wcf

wcf-security

I have WCF service accessible over Internet which uses wsHttpBinding with message security mode and username client credentials.

<bindings>
    <wsHttpBinding>
        <binding name="wsHttpEndpointBinding" messageEncoding="Mtom" maxReceivedMessageSize="104857600">
           <readerQuotas maxArrayLength="104857600"/>
           <security mode="Message">
            <message clientCredentialType="UserName"/>
           </security>
        </binding>
    </wsHttpBinding>
</bindings>

I've figured out that it takes too much time to transfer my data from client to the server. I've read that i can use customBinding and binaryEncoding mode for my service.

Like that: 

<bindings>
   <customBindings>
     <binding name="NetHttpBinding">
       <binaryMessageEncoding />
       <httpTransport />
     </binding>
  </customBindings>
<bindings>

But here is no any mention about message security mode and client credential type...

How could i use custom binding with binaryEncoding and keep message security mode with username client credentials?

like image 760
Sergey Smelov Avatar asked Jun 03 '10 16:06

Sergey Smelov

People also ask

Which of the following client credential type can be used with WCF security?

WCF ensures that the transport is secured when using user name credentials. Allows the service to require that the client be authenticated using an X. 509 certificate.

What is the default security mode for WS HTTP binding in WCF?

The WsHttpBinding will use Message security by default, which means that your message (payload) is encrypted and signed per the WS-Security specification. However, you can add more security on top of this by using Transport security with an SSL certificate.

Which binding should I use if I want to safely allow my WCF service usable across machines?

netNamedPipeBinding. This binding is used to provide secure and reliable Named Pipe based communication between WCF services and WCF client on the same machine. It is the ideal choice for communication between processes on the same machine.

What is security mode in WCF?

Windows Communication Foundation (WCF) security has three common security modes that are found on most predefined bindings: transport, message, and "transport with message credential." Two additional modes are specific to two bindings: the "transport-credential only" mode found on the BasicHttpBinding, and the "Both" ...

2 Answers

I know this is not the answer your looking for but this is my config. I use custom binding with UserNameOverTransport authentication.

It might give you a clue on what to change to get yours up & running.

<customBinding>
    <binding name="MyCustomHttpBinding" receiveTimeout="00:20:00" sendTimeout="00:20:00">
        <security authenticationMode="UserNameOverTransport">
            <localServiceSettings maxClockSkew="Infinite" />
        </security>
        <mtomMessageEncoding maxBufferSize="2097152" messageVersion="Soap12" >
            <readerQuotas maxStringContentLength="2097152"/>
        </mtomMessageEncoding>
        <httpsTransport maxBufferSize="2097152" maxReceivedMessageSize="1073741824" transferMode="Streamed" />
    </binding>
</customBinding>

Keep in mind I use MTOM Encoding which, in my case, fits better to my scenario.

like image 192
sebagomez Avatar answered Sep 18 '22 16:09

sebagomez

Set secureConversationBootstrap to UserNameForSslNegotiated. Try something similiar to the binding below.

<bindings>
<customBinding>
  <binding name="wss-username-binary">
    <transactionFlow/>

    <security 
authenticationMode="SecureConversation" 
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">

      <secureConversationBootstrap 
authenticationMode="UserNameForSslNegotiated" 
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
    </security>

      <binaryMessageEncoding />
    <httpTransport/>
  </binding>
</customBinding>
</bindings>
like image 34
magnus Avatar answered Sep 20 '22 16:09

magnus
Sign in to Comment

Related questions

Localization for mobile cross platform using xamarin and issue with iOS only
PointToScreen incorrect using DesktopDPIOverride
Is there a way to use `dynamic` in lambda expression tree?
Is a pure type the same as an immutable type?
How to Insert Rows to Table Object Inside an Excel Sheet?
How do I prevent the vertical scrollbar from taking space in the control, causing an horizontal scrollbar?
Google API Oauth2: Only one refresh token for all users?
Supporting Multiple Versions of a Compilation Dependency (vNext)
Is there any right way to get a file by its Path?
ASP.NET using embedded resources in Bundling
How to add field not mapped to table in Linq to Sql
Contract that ensures the IEnumerable is not empty
Set up JWT Bearer Token Authorization/Authentication in Hangfire
Unrecognized C# syntax
Cross-AppDomain call corrupts the runtime
Get current playing track info from Microsoft Groove Music app
WPF Programmatically Enable TextBox Scrolling/Panning for Tablets
Uncompiled partial view doesn't inherit from ViewImports
Windows gadget in WPF - show while "Show desktop" is activated
Too Many Left Outer Joins in Entity Framework 4? [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!