This documentation is archived and is not being maintained.

WebHttpSecurityMode Enumeration

Defines the modes of security that can be used to configure a service endpoint to receive HTTP requests.

Namespace:  System.ServiceModel
Assembly:  System.ServiceModel.Web (in System.ServiceModel.Web.dll)

public enum WebHttpSecurityMode

Member nameDescription
NoneIndicates no security is used with HTTP requests.
TransportIndicates that transport-level security is used with HTTP requests.
TransportCredentialOnlyIndicates that only HTTP-based client authentication is provided.

Use this enumeration to specify whether transport-level security is used by an endpoint configured with a WebHttpBinding to receive HTTP requests. The default value is None, which indicates that no security is used.

If the Transport value is specified by the WebHttpBinding(WebHttpSecurityMode), then the settings provided by the Transport property become effective for the service endpoint. The value of WebHttpSecurityMode can only be set in the WebHttpBinding constructor that takes it as an explicit parameter and its value cannot be set again after the binding instance is created.

TransportCredentialOnly does not provide message integrity and confidentiality. It provides HTTP-based client authentication only. This mode should be used with caution. It should be used in environments, such at IPSec, where the transport security is being provided by other means and only client authentication is provided by the Windows Communication Foundation (WCF) infrastructure.

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5