Specifies the types of security that can be used with the system-provided BasicHttpBinding.
Assemblies: System.ServiceModel (in System.ServiceModel.dll)
System.ServiceModel.Http (in System.ServiceModel.Http.dll)
|Security is provided using SOAP message security. For the BasicHttpBinding, the system requires that the server certificate be provided to the client separately. The valid client credential types for this binding are UserName and Certificate.|
|The SOAP message is not secured during transfer. This is the default behavior.|
|Security is provided using HTTPS. The service must be configured with SSL certificates. The SOAP message is protected as a whole using HTTPS. The service is authenticated by the client using the service’s SSL certificate. The client authentication is controlled through the ClientCredentialType.|
|This mode does not provide message integrity and confidentiality. It provides only HTTP-based client authentication. Use this mode with caution. It should be used in environments where the transfer security is being provided by other means (such as IPSec) and only client authentication is provided by the Windows Communication Foundation (WCF) infrastructure.|
|Integrity, confidentiality and server authentication are provided by HTTPS. The service must be configured with a certificate. Client authentication is provided by means of SOAP message security. This mode is applicable when the user is authenticating with a UserName or Certificate credential and there is an existing HTTPS deployment for securing message transfer.|
Security in this context means message protection (integrity and confidentiality) as well as client and service authentication.
Actual protection requirements (the specific parts of SOAP messages that must be signed or signed and encrypted) are controlled through attributes on the service contract or through properties in the contract description. Properties on the binding do not control what is being signed or encrypted: a binding only delivers the general capability of signing and encrypting.
The default behavior for the BasicHttpBinding is .
.NET FrameworkSupported in: 4.6, 4.5, 4, 3.5, 3.0
.NET Framework Client ProfileSupported in: 4, 3.5 SP1
Portable Class LibrarySupported in: Portable Class Library
.NET for Windows Store appsSupported in: Windows 8
Supported in: Windows Phone 8.1
Supported in: Windows Phone Silverlight 8.1
Supported in: Windows Phone Silverlight 8
Windows Phone 8.1, Windows Phone 8, Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)