I have a WCF Service with netTcpBinding and I want to add GZip compression to it.
Here is my current binding:
<netTcpBinding>
<binding>
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</netTcpBinding>
But to add GZip Compression, I need to convert it to a customBinding.
So I think the new binding must looks like this:
<customBinding>
<binding>
<security ??? />
<binaryMessageEncoding compressionFormat="GZip" />
<tcpTransport />
</binding>
</customBinding>
How can I achieve mode="TransportWithMessageCredential" and clientCredentialType="UserName" of netTcpBinding in customBinding?
Related
I am new to WCF. I am investigating the right way to have message body encryption over HTTPS (mixing both transport and message level security at the moment)
I have HttpsGetEnabled.
Using WsHttpBinding, I still see the message body unencrypted
<wsHttpBinding>
<binding name="myCustomWsHttpBinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None"/>
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
I have also tried using custom binding but same result
<binding name="myCustomBinding">
<security authenticationMode="CertificateOverTransport"
messageProtectionOrder="EncryptBeforeSign"
includeTimestamp="true"
protectTokens="true"
>
</security>
<textMessageEncoding messageVersion="Soap11WSAddressing10" />
<httpsTransport/>
</binding>
How can we have message body encrypted when using Https? If I understand correctly message level security is independent of transport so using https is possible in this case?
In the custom binding, set authenticationMode to "mutualCertificate"
i'm using message security with a certificate authentication
<basicHttpBinding>
<binding name ="customBinding">
<security mode="Message">
<message clientCredentialType="Certificate"/>
</security>
</binding>
</basicHttpBinding>
i'm trying to log client user name, when i do this:
ServiceSecurityContext.Current.WindowsIdentity.Name
i get null. how can i retrieve the client's user name while using this security mode?
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
ServiceSecurityContext Class uses windows authentication
I have nothing to test, but may you can try mix transport-Window with message-Certificat. I'm really not sure, if this is possible.
<basicHttpBinding>
<binding name ="customBinding">
<security mode="Message">
<message clientCredentialType="Certificate" />
<transport clientCredentialType="Windows"/>
</security>
</binding>
</basicHttpBinding>
and for your web.config:
<system.web><authentication mode="Windows"/></system.web>
For Reference:
message-Windows https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-windows-client
message-Certificate https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-certificate-client
I got in my binding the username from the client with basicHttpBinding with Transport-Security (ssl):
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
and without ssl:
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
Be sure, IIS is configured with Authentication - WindowsAuthentication Enabled.
Hope this helps someone who is dealing with this.
I am having hard time converting a BasicHttpBinding to custom binding. Specifically I need to convert the security element-
<basicHttpBinding>
<binding name="MySecureBasicHttpBinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
Can anyone help write the same in custom binding?
Please also refer to post\doc, from where I can find out the correspondence between the security mode & values as in basicHttpBinding and those in custom bindings.
Thanks
Try this:
<customBinding>
<binding name="UsernamePasswordOverHttps">
<security
authenticationMode="UserNameOverTransport"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
<textMessageEncoding messageVersion="Soap11" />
<httpsTransport />
</binding>
</customBinding>
I've been given a wsdl for a service which VS2010 generated the following binding as part of it's configuration.
<bindings>
<basicHttpBinding>
<binding name="NotificationHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
I'm a little confused as what the message node will do given the mode is set to Transport?
Nothing. This will not be used at all. It is safe to remove it.
I am new at WCF programming model and I want to use netTcpBinding. Before I ask my question below this is my custom binding :
<customBinding>
<binding name="basic">
<security authenticationMode="UserNameForCertificate"/>
<binaryMessageEncoding/>
<httpsTransport/>
</binding>
</customBinding>
When I create a service reference using a simple console application it finds a certificate and ask me to use it. And this way I can use the webservice ...
But when I change binding to netTcpBinding with TransportWithMessageCredential the service is looking for certificate and could not find it like this :
<netTcpBinding>
<binding name ="sdfsd">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
<transport clientCredentialType="None"/>
</security>
</binding>
</netTcpBinding>
ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByIssuerName, "Contoso.com").
At this point I use a CustomNameValidator and I do it programmatically.
So when I use netTcpBinding with TransportWithMessageCredential, why does the call to SetCertificate not find the installed certificate? Am I missing something ? Or do I have to add something?
ok guys...sorry but some of the message is miising ...
my custom binding is
customBinding
<customBinding>
<binding name="basic">
<security authenticationMode="UserNameForCertificate"/>
<binaryMessageEncoding/>
<httpsTransport/>
</binding>
</customBinding>
and netTcpBing that i tried to convert is :
<netTcpBinding>
<binding name ="sdfsd">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
<transport clientCredentialType="None"/>
</security>
</binding>
</netTcpBinding>