ServiceSecurityAuditBehavior Class

Specifies the audit behavior of security events. In general, the security events consist of authentication events such as transport, message or negotiate authentication and authorization event. For more information, see ServiceAuthorizationManager.

Namespace:  System.ServiceModel.Description
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

'Declaration
Public NotInheritable Class ServiceSecurityAuditBehavior _
	Implements IServiceBehavior
'Usage
Dim instance As ServiceSecurityAuditBehavior

The ServiceSecurityAuditBehavior class is used to audit Windows Communication Foundation (WCF) authentication events. When auditing is enabled, either successful or failed authentication attempts (or both) can be audited. The events are written to one of three event logs: application, security, or the default log for the operating system version. The event logs can all be viewed using the Windows Event viewer.

Use this class to specify which event log is written to, as well as kinds of authentication events to write. You can also specify whether to suppress audit failures by setting the SuppressAuditFailure property to false (the default is true).

For more information about auditing security events for WCF applications, see Auditing Security Events.

To specify audit behavior in configuration, use the <serviceSecurityAudit> element.

The following code creates an instance of the ServiceHost class and adds a new ServiceSecurityAuditBehavior to its collection of behaviors.

Public Shared Sub Main() 
    ' Get base address from appsettings in configuration. 
    Dim baseAddress As New Uri(ConfigurationManager.AppSettings("baseAddress"))

    ' Create a ServiceHost for the CalculatorService type  
    ' and provide the base address. 
    Dim serviceHost As New ServiceHost(GetType(CalculatorService), baseAddress)
    Try 
        ' Create a new auditing behavior and set the log location. 
        Dim newAudit As New ServiceSecurityAuditBehavior()
        newAudit.AuditLogLocation = AuditLogLocation.Application
        newAudit.MessageAuthenticationAuditLevel = _
            AuditLevel.SuccessOrFailure
        newAudit.ServiceAuthorizationAuditLevel = _
            AuditLevel.SuccessOrFailure
        newAudit.SuppressAuditFailure = False 
        ' Remove the old behavior and add the new.
        serviceHost.Description.Behaviors.Remove(Of ServiceSecurityAuditBehavior)
        serviceHost.Description.Behaviors.Add(newAudit)
        ' Open the ServiceHostBase to create listeners  
        ' and start listening for messages.
        serviceHost.Open()

        ' The service can now be accessed.
        Console.WriteLine("The service is ready.")
        Console.WriteLine("Press <ENTER> to terminate service.")
        Console.WriteLine()
        Console.ReadLine()

        ' Close the ServiceHostBase to shutdown the service.
        serviceHost.Close()
    Finally 
    End Try 

End Sub

System.Object
  System.ServiceModel.Description.ServiceSecurityAuditBehavior

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft