WSDL and Policy


This topic covers Windows Communication Foundation (WCF) WSDL 1.1, WS-Policy and WS-PolicyAttachment implementation details, as well as additional WS-Policy assertions and WSDL 1.1 extensions introduced by WCF.

WCF implements WS-Policy and WS-PolicyAttachment specifications submitted to W3C with constraints and clarifications described in this document.

This document uses the prefixes and namespaces shown in the following table.

wsp (WS-Policy 1.2)
wsp (WS-Policy 1.5)

WCF uses the following WSDL1.1 extensions to describe contract session requirements.

xs:boolean, indicates this operation initiates a WCF session; the default value is false.

xs:boolean, indicates this operation terminates a WCF session; the default value is false.

xs:boolean, indicates this contract requires session to be established.

SOAP 1.x HTTP Binding Transport URIs

WCF uses the following URIs to indicate transports to be used for WSDL 1.1, SOAP 1.1, and SOAP 1.2 binding extension elements.

Named Pipes

In addition to policy assertions introduced in the Web Services specifications (WS-*) and mentioned in other sections of this document, WCF implements the following policy assertions.

Policy assertionPolicy subjectDescription
http:HttpBasicAuthenticationEndpointEndpoint uses HTTP Basic Authentication.
http:HttpDigestAuthenticationEndpointEndpoint uses HTTP Digest Authentication.
http:HttpNegotiateAuthenticationEndpointEndpoint uses HTTP Negotiate Authentication.
http:HttpNtlmAuthenticationEndpointEndpoint uses HTTP NTLM Authentication.
msf:StreamedEndpointEndpoint uses streamed message framing. This assertion is used with the Message Framing protocol provided for transports such as TCP, and named pipes.
msf:SslTransportSecurityEndpointEndpoint uses transport-layer security (TLS) with message framing.
msf:WindowsTransportSecurityEndpointEndpoint uses Security Provider Negotiation (SPNEGO) with message framing.
msmq:MsmqBestEffortEndpointMSMQ with best-effort guarantees.
msmq:MsmqSessionEndpointMSMQ with Session guarantees.
msmq:MsmqVolatileEndpointMSMQ Volatile.
msmq:AuthenticatedEndpointAuthentication is used with MSMQ transport.
msmq:WindowsDomainEndpointMSMQ uses Windows Domain authentication.
cdp:CompositeDuplexEndpointEndpoint uses two separate converse transport connections for in and out messages.
mssp:RsaTokenNestedRSA key token assertion. This requirement is typically satisfied by an RSA key serialized directly as part of the key information in an endorsing signature.
mssp:SslContextTokenNestedRequires that a SecurityContextToken obtained using binary TLS handshake using WS-Trust be used. Nested assertions include: sp:RequireDerivedKeys, mssp:MustNotSendCancel, mssp:RequireClientCertificate.
mssp:MustNotSendCancelNestedSpecifies a requirement that a request security token (RST) request messages [WS-Trust] using the Cancel binding [WS-Trust, WS-SC] not be sent to the issuer of a given SecurityContextToken. If this assertion is present, then such request messages must not be sent to the issuer. If this assertion is not present, then such request messages can be sent to the issuer.
mssp:RequireClientCertificateNestedThis optional element specifies a requirement for a client certificate to be provided as part of the TLSNEGO protocol. If this assertion is present, then a client certificate must be provided. If this assertion is not present, then a client certificate must not be provided. This assertion must not be used outside of mssp:SslContextToken.

Custom WSDL Publication
How to: Export Custom WSDL
How to: Import Custom WSDL