Expand Minimize

WebHttpSecurityMode Enumeration

Defines the modes of security that can be used to configure a service endpoint to receive HTTP requests.

Namespace:  System.ServiceModel
Assembly:  System.ServiceModel.Web (in System.ServiceModel.Web.dll)

public enum WebHttpSecurityMode

Member nameDescription
NoneIndicates no security is used with HTTP requests.
TransportIndicates that transport-level security is used with HTTP requests.
TransportCredentialOnlyIndicates that only HTTP-based client authentication is provided.

Use this enumeration to specify whether transport-level security is used by an endpoint configured with a WebHttpBinding to receive HTTP requests. The default value is None, which indicates that no security is used.

If the Transport value is specified by the WebHttpBinding(WebHttpSecurityMode), then the settings provided by the Transport property become effective for the service endpoint. The value of WebHttpSecurityMode can only be set in the WebHttpBinding constructor that takes it as an explicit parameter and its value cannot be set again after the binding instance is created.

TransportCredentialOnly does not provide message integrity and confidentiality. It provides HTTP-based client authentication only. This mode should be used with caution. It should be used in environments, such at IPSec, where the transport security is being provided by other means and only client authentication is provided by the infrastructure.

.NET Framework

Supported in: 4, 3.5

.NET Framework Client Profile

Supported in: 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft