Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
WebHttpSecurityMode Enumeration
Collapse the table of content
Expand the table of content

WebHttpSecurityMode Enumeration

Defines the modes of security that can be used to configure a service endpoint to receive HTTP requests.

Namespace:  System.ServiceModel
Assembly:  System.ServiceModel.Web (in System.ServiceModel.Web.dll)

public enum WebHttpSecurityMode

Member nameDescription
NoneIndicates no security is used with HTTP requests.
TransportIndicates that transport-level security is used with HTTP requests.
TransportCredentialOnlyIndicates that only HTTP-based client authentication is provided.

Use this enumeration to specify whether transport-level security is used by an endpoint configured with a WebHttpBinding to receive HTTP requests. The default value is None, which indicates that no security is used.

If the Transport value is specified by the WebHttpBinding(WebHttpSecurityMode), then the settings provided by the Transport property become effective for the service endpoint. The value of WebHttpSecurityMode can only be set in the WebHttpBinding constructor that takes it as an explicit parameter and its value cannot be set again after the binding instance is created.

TransportCredentialOnly does not provide message integrity and confidentiality. It provides HTTP-based client authentication only. This mode should be used with caution. It should be used in environments, such at IPSec, where the transport security is being provided by other means and only client authentication is provided by the Windows Communication Foundation (WCF) infrastructure.

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5

.NET Framework Client Profile

Supported in: 3.5 SP1
© 2015 Microsoft