.NET Technical bits: WCF Transfer Security

Thursday, May 6, 2010

WCF Transfer Security

After selecting a binding, you can decide which type of transfer security, otherwise known as security mode, to use for your WCF service. You can provide security on the transport level or the message level. Each option has its own advantages and disadvantages. For instance, transport security secures the entire communication channel (e.g., by using SSL) and therefore only supports point-to-point communication over a single transport. Message security protects each message individually and therefore supports multipoint communication, multiple transports, or even partial message encryption if necessary. Most scenarios are best supported by using transport security. The following security modes are available across the standard bindings.

| Mode | Description |
|------|-------------|
| None | No security is provided; all information is passed in clear text. |
| Transport | Mutual authentication and message protection are provided at the transport level. |
| Message | Mutual authentication and message protection are provided at the message level. |
| Both | Mutual authentication and message protection are provided at both the transport and message levels. This is far more than is necessary for most scenarios. |
| TransportWithMessageCredential | Client authentication is provided at the message level, and message protection and service authentication are provided at the transport level. |
| TransportCredentialOnly | Mutual authentication is provided at the transport level; no message protection is provided. This option is available only on basicHttpBinding. |
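
The following configuration fragment is an added example, not part of the original post. It shows how several of the modes above are selected on standard bindings, with the unprotected setting beside the protected ones. The binding names, the service name `Contoso.OrderService`, the contract name and the endpoint address are hypothetical.

```xml
<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <!-- None: everything, including any credentials, travels in clear text. -->
      <binding name="clearText">
        <security mode="None" />
      </binding>
      <!-- Transport: the channel is protected with SSL (HTTPS endpoint required). -->
      <binding name="httpsOnly">
        <security mode="Transport">
          <transport clientCredentialType="None" />
        </security>
      </binding>
      <!-- TransportWithMessageCredential: HTTPS protects the message and
           authenticates the service; the client credential rides in the message. -->
      <binding name="httpsWithUserName">
        <security mode="TransportWithMessageCredential">
          <message clientCredentialType="UserName" />
        </security>
      </binding>
      <!-- TransportCredentialOnly: authentication only, no message protection.
           The payload is still readable on the wire. -->
      <binding name="credentialOnly">
        <security mode="TransportCredentialOnly">
          <transport clientCredentialType="Windows" />
        </security>
      </binding>
    </basicHttpBinding>
    <wsHttpBinding>
      <!-- Message: each message is protected individually. -->
      <binding name="messageLevel">
        <security mode="Message">
          <message clientCredentialType="Windows" />
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>
  <services>
    <!-- Hypothetical service; the endpoint picks a binding configuration by name. -->
    <service name="Contoso.OrderService">
      <endpoint address="https://localhost/OrderService.svc"
                binding="basicHttpBinding"
                bindingConfiguration="httpsOnly"
                contract="Contoso.IOrderService" />
    </service>
  </services>
</system.serviceModel>
```

When reviewing a deployed service, the `mode` attribute on each `<security>` element referenced by an endpoint's `bindingConfiguration` is the value to check against the table.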
