WCF DualHTTPBINDING Message Security

Question

WCF DualHTTPBINDING Message Security

When using WSDUALHTTPBINDING with message protection, is it recommended to use transport security [ie SSL]? Perhaps this depends on the scenario. In my case, both the client and the service are on the intranet. If the service was on a web server over the Internet, would the answer be different?

Update now that I know that wsduallhttpbinding does not support transport security, is message security as secure, or should I use another binding that supports ssl in my script

+4

c # ssl wcf wcf-security wsdualhttpbinding

user1438082 May 18, '14 at 9:40

source share

3 answers

wsDualHttpBinding , , SSL/TLS . , wsDualHttpBinding:

MSDN: WSDualHttpSecurityMode : Message None http://msdn.microsoft.com/en-us/library/ms731363(v=vs.110).aspx
http://msdn.microsoft.com/en-us/library/system.servicemodel.wsdualhttpsecuritymode(v=vs.110).aspx

. Microsoft® ( ) .

- :
http://wcfsecurityguide.codeplex.com/

. "intranet vs internet web service" , . , SSL, .

,

+4

Seymour 23 '14 11:37

wsDualHttpBinding , : http://msdn.microsoft.com/en-us/library/ff648589.aspx

. wsDualHttpBinding.

. WS-Security .

UPDATE: As I said, you can rely on message security, it provides end-to-end security. You can find a detailed explanation here: http://msdn.microsoft.com/en-us/library/ff648863.aspx

The disadvantage of message protection is that it is a bit slower than every message that needs to be encrypted, but don’t worry that it is safe enough, you don’t need to change the bindings.

+3

Nat acha May 23 '14 at 9:06

source share

Derek W · Accepted Answer · 2014-05-23T22:45:48+0000

On the original question:

WSDUALHTTPBINDING [i.e SSL]?

, WSDualHttpBinding Transport. , .

:

, , wsduallhttpbinding , , ssl

Message , . Transport .

, . , , .

MSDN :

:
WCF, , , WCF .
WCF WCF , .

Message and Transport Security MSDN .

WCF DualHTTPBINDING Message Security

More articles: