Menu
I have WCF service accessible over Internet which uses wsHttpBinding with message security mode and username client credentials.
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpointBinding" messageEncoding="Mtom" maxReceivedMessageSize="104857600">
<readerQuotas maxArrayLength="104857600"/>
<security mode="Message">
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
I've figured out that it takes too much time to transfer my data from client to the server. I've read that i can use customBinding and binaryEncoding mode for my service.
Like that:
<bindings>
<customBindings>
<binding name="NetHttpBinding">
<binaryMessageEncoding />
<httpTransport />
</binding>
</customBindings>
<bindings>
But here is no any mention about message security mode and client credential type...
How could i use custom binding with binaryEncoding and keep message security mode with username client credentials?
760
WCF ensures that the transport is secured when using user name credentials. Allows the service to require that the client be authenticated using an X. 509 certificate.
The WsHttpBinding will use Message security by default, which means that your message (payload) is encrypted and signed per the WS-Security specification. However, you can add more security on top of this by using Transport security with an SSL certificate.
netNamedPipeBinding. This binding is used to provide secure and reliable Named Pipe based communication between WCF services and WCF client on the same machine. It is the ideal choice for communication between processes on the same machine.
Windows Communication Foundation (WCF) security has three common security modes that are found on most predefined bindings: transport, message, and "transport with message credential." Two additional modes are specific to two bindings: the "transport-credential only" mode found on the BasicHttpBinding, and the "Both" ...
I know this is not the answer your looking for but this is my config.
I use custom binding with UserNameOverTransport authentication.
It might give you a clue on what to change to get yours up & running.
<customBinding>
<binding name="MyCustomHttpBinding" receiveTimeout="00:20:00" sendTimeout="00:20:00">
<security authenticationMode="UserNameOverTransport">
<localServiceSettings maxClockSkew="Infinite" />
</security>
<mtomMessageEncoding maxBufferSize="2097152" messageVersion="Soap12" >
<readerQuotas maxStringContentLength="2097152"/>
</mtomMessageEncoding>
<httpsTransport maxBufferSize="2097152" maxReceivedMessageSize="1073741824" transferMode="Streamed" />
</binding>
</customBinding>
Keep in mind I use MTOM Encoding which, in my case, fits better to my scenario.
192
Set secureConversationBootstrap to UserNameForSslNegotiated. Try something similiar to the binding below.
<bindings>
<customBinding>
<binding name="wss-username-binary">
<transactionFlow/>
<security
authenticationMode="SecureConversation"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<secureConversationBootstrap
authenticationMode="UserNameForSslNegotiated"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
</security>
<binaryMessageEncoding />
<httpTransport/>
</binding>
</customBinding>
</bindings>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
