
How to Configure a WCF-NetTcpRelay Receive Location

[Unless specifically noted, the content in this topic applies to BizTalk Server 2013 and 2013 R2.]

This section provides information on how to configure a WCF-NetTcpRelay Receive Location using the BizTalk Server Administration Console.

Note
Before completing the following procedure you must have already added a one-way receive port. For more information, see How to Create a Receive Port.

To configure variables for a WCF-NetTcpRelay receive location

  1. In the BizTalk Administration console, expand BizTalk Server 2009 Administration, expand BizTalk Group, expand Applications, and then expand the application you want to create a receive location in.

  2. In the BizTalk Administration console, in the left pane, click the Receive Port node. Then in the right pane, right-click the receive port that is associated with an existing receive location or that you want to associate with a new receive location, and then click Properties.

  3. In the Receive Port Properties dialog box, in the left pane, select Receive Locations, and then in the right pane, double-click an existing receive location or click New to create a new receive location.

  4. In the Receive Location Properties dialog box, in the Transport section, select WCF-NetTcpRelay from the Type drop-down list, and then click Configure to configure the transport properties for the receive location.

  5. In the WCF-NetTcpRelay Transport Properties dialog box, on the General tab, configure the endpoint address and the endpoint identity for the WCF-NetTcpRelay receive location.

     

    Use this To do this

    Address (URI)

    Required. Specify the fully qualified URI for this receive location. This will typically be in the following format:

    sb://<Namespace>.servicebus.windows.net/
    

    Endpoint Identity

    Optional. Specify the endpoint identity. These settings enable the endpoint to authenticate this receive location. In the handshake process between the endpoint and the receive location, the Windows Communication Foundation (WCF) infrastructure will ensure that the identity of the endpoint matches the values of this element.

    Minimum length: 0

    Maximum length: 32767

    The default is an empty string.

  6. In the WCF-NetTcpRelay Transport Properties dialog box, on the Binding tab, configure the time-out and transaction properties.

     

    Use this To do this

    Open timeout (hh:mm:ss)

    Specify a time span value that indicates the interval of time provided for a channel open operation to complete. This value should be greater than or equal to System.TimeSpan.Zero.

    Default value: 00:01:00

    Maximum value: 23:59:59

    Send timeout (hh:mm:ss)

    Specify a time span value that indicates the interval of time provided for a send operation to complete. This value should be greater than or equal to System.TimeSpan.Zero. If you use a request-response receive port, this value specifies a time span for the whole interaction to complete, even if the client returns a large message.

    Default value: 00:01:00

    Maximum value: 23:59:59

    Close timeout (hh:mm:ss)

    Specify a time span value that indicates the interval of time provided for a channel close operation to complete. This value should be greater than or equal to System.TimeSpan.Zero.

    Default value: 00:01:00

    Maximum value: 23:59:59

    Maximum received message size (bytes)

    Specify the maximum size, in bytes, for a message including headers, which can be received on the wire. The size of the messages is bounded by the amount of memory allocated for each message. You can use this property to limit exposure to denial of service (DoS) attacks.

    The WCF-NetTcpRelay adapter leverages the NetTcpRelayBinding class in the buffered transfer mode to communicate with an endpoint. For the buffered transport mode, the NetTcpRelayBindingBase.MaxBufferSize property is always equal to the value of this property.

    Default value: 65536

    Maximum value: 2147483647

    Maximum concurrent calls

    Specify the number of concurrent calls to a single service instance. Calls in excess of the limit are queued. Setting this value to 0 is equivalent to setting it to Int32.MaxValue.

    Default value: 200

  7. In the WCF-NetTcpRelay Transport Properties dialog box, on the Security tab, define the security capabilities of the WCF-NetTcpRelay receive location.

     

    Use this To do this

    Security mode

    Specify the type of security that is used. Valid values include the following:

    • None: Messages are not secured during transfer.

    • Transport: Transport security is provided using TLS over TCP or SPNego. It is possible to control the protection level with this mode. If you select None or Certificate for the Transport client credential type property in this security mode, you must supply the service certificate for this receive location through the Service certificate - Thumbprint property.

    • Message: Security is provided using SOAP message security. By default, the SOAP Body is encrypted and signed. This mode offers a variety of features, such as whether the service credentials are available at the client out of band, and the algorithm suite to use. If you select None, UserName, or Certificate for the Message client credential type property in this security mode, you must supply the service certificate for this receive location through the Service certificate - Thumbprint property.

    • TransportWithMessageCredential: Transport security is coupled with message security. Transport security is provided by TLS over TCP or SPNego and ensures integrity, confidentiality, and server authentication. If you select Windows, UserName, or Certificate for the Message client credential type property in this security mode, you must supply the service certificate for this receive location through the Service certificate - Thumbprint property.

      Note
      This security mode cannot be used with the Transport client credential type property, None.

    The default is Transport.

    Transport protection level

    Define security at the level of the TCP transport. Signing messages mitigates the risk of a third party tampering with the message while it is being transferred. Encryption provides data-level privacy during transport. Valid values include the following:

    • None: No protection.

    • Sign: Messages are signed.

    • EncryptAndSign: Messages are encrypted and signed.

    The default value is EncryptAndSign.

    Message client credential type

    Specify the type of credential to be used when performing client authentication using message-based security. This is required only if the Security mode is set to Message or TransportWithMessageCredential. Valid values include the following:

    • None: This allows the service to interact with anonymous clients. This indicates that this client does not provide any client credential.

    • Windows: Allow the SOAP exchanges to be under the authenticated context of a Windows credential. The client credential is passed through the SOAP Header element using the WSS SOAP Message Security Kerberos Token Profile 1.0 protocol. You must create the domain or local user accounts corresponding to client credentials. In addition, the client's userPrincipalName element must be configured with the user account name running this receive handler.

    • UserName: Clients are authenticated to this receive location with a UserName credential. The credential is passed through the SOAP Header element using the WSS SOAP Message Security UsernameToken Profile 1.0 protocol. You must create the domain or local user accounts corresponding to client credentials.

    • Certificate: Clients are authenticated to this receive location using the client certificate specified through the Service certificate - Thumbprint property. The credential is passed through the SOAP Header element using the WSS SOAP Message Security X509 Token Profile 1.0 protocol. To authenticate the client certificates, the CA certificate chain for the client certificates must be installed in the Trusted Root Certification Authorities certificate store of this computer. In addition, you must provide the service certificate for this location through the Service certificate - Thumbprint property.

    The default is Windows.

    Algorithm suite

    Specify the message encryption and key-wrap algorithms. These algorithms map to those specified in the Security Policy Language (WS-SecurityPolicy) specification. Possible values are:

    • Basic128: Use Aes128 encryption, Sha1 for message digest, and Rsa-oaep-mgf1p for key wrap.

    • Basic128Rsa15: Use Aes128 for message encryption, Sha1 for message digest, and Rsa15 for key wrap.

    • Basic128Sha256: Use Aes256 for message encryption, Sha256 for message digest, and Rsa-oaep-mgf1p for key wrap.

    • Basic128Sha256Rsa15: Use Aes128 for message encryption, Sha256 for message digest, and Rsa15 for key wrap.

    • Basic192: Use Aes192 encryption, Sha1 for message digest, and Rsa-oaep-mgf1p for key wrap.

    • Basic192Rsa15: Use Aes192 for message encryption, Sha1 for message digest, and Rsa15 for key wrap.

    • Basic192Sha256: Use Aes192 for message encryption, Sha256 for message digest, and Rsa-oaep-mgf1p for key wrap.

    • Basic192Sha256Rsa15: Use Aes192 for message encryption, Sha256 for message digest, and Rsa15 for key wrap.

    • Basic256: Use Aes256 encryption, Sha1 for message digest, and Rsa-oaep-mgf1p for key wrap.

    • Basic256Rsa15: Use Aes256 for message encryption, Sha1 for message digest, and Rsa15 for key wrap.

    • Basic256Sha256: Use Aes256 for message encryption, Sha256 for message digest, and Rsa-oaep-mgf1p for key wrap.

    • Basic256Sha256Rsa15: Use Aes256 for message encryption, Sha256 for message digest, and Rsa15 for key wrap.

    • TripleDes: Use TripleDes encryption, Sha1 for message digest, Rsa-oaep-mgf1p for key wrap.

    • TripleDesRsa15: Use TripleDes encryption, Sha1 for message digest, and Rsa15 for key wrap.

    • TripleDesSha256: Use TripleDes for message encryption, Sha256 for message digest, and Rsa-oaep-mgf1p for key wrap.

    • TripleDesSha256Rsa15: Use TripleDes for message encryption, Sha256 for message digest, and Rsa15 for key wrap.

    The default value is Basic256.

    Service certificate - Thumbprint

    Specify the thumbprint of the X.509 certificate for this receive location that the clients use to authenticate the service. The thumbprint can be selected by navigating the My store in the Current User location with the Browse button.

    Note
    You must install the service certificate into the Current User location of the user account for the receive handler hosting this receive location.

    Minimum length: 0

    Maximum length: 40

    The default is an empty string.

    Relay client authentication type

    Specify the option to authenticate with the Service Bus relay endpoint from where the message is received. Valid values include the following:

    • None: No authentication is required.

    • RelayAccessToken: Specify this to use a security token to authorize with the Service Bus Relay endpoint.

    The default value is RelayAccessToken.

    Enable service discovery

    Select this check box to specify whether the behavior of the service is published in the Service Registry.

    Access control service

    If you set the Relay client authentication type to RelayAccessToken, click the Edit button and specify the following details:

    • Access Control Service STS Uri – Set this to https://<Namespace>-sb.accesscontrol.windows.net/, where <Namespace> is your Service Bus namespace.

    • Issuer Name – Specify the issuer name. Typically this is set to owner.

    • Issuer Key – Specify the issuer key.

    Note
    You can get the values for the Queue URL, ACS URL, issuer name and key from the Windows Azure CTP Management Portal.

  8. In the WCF-NetTcpRelay Transport Properties dialog box, on the Messages tab, specify the data selection for the SOAP Body element.

     

    Use this To do this

    Envelope -- entire <soap:Envelope>

    Create the BizTalk message body part from the entire SOAP Envelope of an incoming message.

    The default value is cleared.

    Body -- contents of <soap:Body> element

    Use the content of the SOAP Body element of an incoming message to create the BizTalk message body part. If the Body element has more than one child element, only the first element becomes the BizTalk message body part.

    This is the default setting.

    Path -- content located by body path

    Use the body path expression in the Body path expression text box to create the BizTalk message body part. The body path expression is evaluated against the immediate child element of the SOAP Body element of an incoming message.

    The default value is cleared.

    Body path expression

    Type the body path expression to identify a specific part of an incoming message used to create the BizTalk message body part. This body path expression is evaluated against the immediate child element of the SOAP Body element of an incoming message. If this body path expression returns more than one node, only the first node is chosen for the BizTalk message body part. This property is required if the Path -- content located by body path option is selected.

    Type: String

    Minimum length: 0

    Maximum length: 32767

    The default is an empty string.

    Node encoding

    Specify the type of encoding that the WCF-NetTcpRelay receive adapter uses to decode for the node identified by the body path expression in the Body path expression text box. This property is required if the Path -- content located by body path option is selected. Valid values include the following:

    • Base64: Base64 encoding.

    • Hex: Hexadecimal encoding.

    • String: Text encoding - UTF-8

    • XML: The WCF adapters create the BizTalk message body with the outer XML of the node selected by the body path expression in the Body path expression text box.

    The default is XML.

    Body -- BizTalk response message body

    Use the BizTalk message body part to create the content of the SOAP Body element of an outgoing response message. This property is valid only for request-response receive locations.

    This is the default setting.

    Template -- content specified by template

    Use the template supplied in the XML text box to create the content of the SOAP Body element for an outgoing message. This property is valid only for request-response receive locations.

    The default value is cleared.

    XML

    Type the XML-formatted template for the content of the SOAP Body element of an outgoing message. This property is required if the Template -- BizTalk response message body option is selected. This property is valid only for request-response receive locations.

    Type: String

    Minimum length: 0

    Maximum length: 32767

    The default is <bts-msg-body xmlns="http://www.microsoft.com/schemas/bts2007" encoding="xml"/>.

    Suspend request message on failure

    Specify whether to suspend the request message that fails inbound processing due to a receive pipeline failure or a routing failure.

    The default value is cleared.

    Include exception detail in faults

    Specify whether to return SOAP faults when an error occurs, to ease debugging.

    The default value is cleared.

  9. Click OK.

  10. Enter the appropriate values in the Receive Location Properties dialog box to complete the configuration of the receive location and click OK to save settings. For information about the Receive Locations Properties dialog box, see How to Create a Receive Location.
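
The following Python check is an added example, not part of the original topic or of any Microsoft tooling. It applies the rules stated for the Binding, Security and Messages tabs above to one receive location's settings, keyed by the dialog labels. The 1 MiB size threshold and the flagging of TripleDes, Rsa15, Sha1 and exception detail are reviewer policy assumptions.

```python
import re
# Keys are the dialog labels described above; values are the defaults the page states.
DEFAULTS = {
    "Security mode": "Transport",
    "Transport protection level": "EncryptAndSign",
    "Message client credential type": "Windows",
    "Algorithm suite": "Basic256",
    "Service certificate - Thumbprint": "",
    "Relay client authentication type": "RelayAccessToken",
    "Maximum received message size (bytes)": 65536,
    "Include exception detail in faults": False,
}
MAX_SIZE_REVIEW = 1024 * 1024  # hypothetical review threshold, not a product limit
MSG, TCRED = "Message client credential type", "Transport client credential type"
# Per security mode: credential property and the values that require a service certificate.
CERT_NEEDED = {
    "Transport": (TCRED, {"None", "Certificate"}),
    "Message": (MSG, {"None", "UserName", "Certificate"}),
    "TransportWithMessageCredential": (MSG, {"Windows", "UserName", "Certificate"}),
}

def audit(cfg):
    """Return findings for one receive location's settings (dict of label -> value)."""
    c = {**DEFAULTS, **cfg}
    mode, suite = c["Security mode"], c["Algorithm suite"]
    prop, values = CERT_NEEDED.get(mode, (None, set()))
    thumb_ok = re.fullmatch(r"[0-9A-Fa-f]{40}", c["Service certificate - Thumbprint"])
    msg_sec = mode in ("Message", "TransportWithMessageCredential")
    checks = [  # (condition, finding)
        (mode == "None", "Security mode None: messages are not secured during transfer"),
        (c.get(prop) in values and not thumb_ok,
         f"{mode} with {prop} {c.get(prop)}: service certificate thumbprint missing or malformed"),
        (mode == "TransportWithMessageCredential" and c.get(TCRED) == "None",
         f"{mode} cannot be used with {TCRED} None"),
        (mode == "Transport" and c["Transport protection level"] != "EncryptAndSign",
         f"Transport protection level {c['Transport protection level']}: messages not encrypted"),
        (msg_sec and suite.startswith("TripleDes"), f"{suite}: TripleDes encryption"),
        (msg_sec and suite.endswith("Rsa15"), f"{suite}: Rsa15 key wrap"),
        (msg_sec and "Sha256" not in suite, f"{suite}: Sha1 message digest"),
        (c["Relay client authentication type"] == "None", "Relay client authentication type None"),
        (c["Maximum received message size (bytes)"] > MAX_SIZE_REVIEW,
         "Maximum received message size exceeds review threshold (DoS exposure)"),
        (c["Include exception detail in faults"], "Include exception detail in faults is selected"),
    ]
    return [finding for hit, finding in checks if hit]

# Constructed sample settings, not taken from a real deployment.
SAMPLE = {"Security mode": "Message", MSG: "UserName",
          "Algorithm suite": "TripleDesRsa15", "Relay client authentication type": "None"}
FINDINGS = audit(SAMPLE)
```
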


© 2014 Microsoft Corporation. All rights reserved.
