<message> of <netMsmqBinding>

Article
01/05/2010

Defines the SOAP message security settings on this netMsmqBinding binding.

Schema Hierarchy

<system.serviceModel>
  <bindings>
    <netMsmqBinding>
      <binding>
        <security> of <netMsmqBinding>
          <message> of <netMsmqBinding>

Syntax

<netMsmqBinding>
    <binding>
      <security>
         <message 
                      algorithmSuite="Basic128/Basic192/Basic256/Basic128Rsa15/Basic256Rsa15/TripleDes/TripleDesRsa15/Basic128Sha256/Basic192Sha256/TripleDesSha256/Basic128Sha256Rsa15/Basic192Sha256Rsa15/Basic256Sha256Rsa15/TripleDesSha256Rsa15"
            clientCredentialType="None/Windows/UserName/Certificate/CardSpace" />
    </security>
</netMsmqBinding>

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

Attribute	Description
algorithmSuite	Sets the message encryption and key-wrap algorithms that are used to achieve message-based security for messages sent over MSMQ transport. The default value is Aes256. This attribute is of type SecurityAlgorithmSuite.
clientCredentialType	Specifies the type of credential to be used when performing client authentication for messages sent over the MSMQ transport. Valid values include the following: None: This allows the service to interact with anonymous clients. Neither the service nor the client requires a credential. Windows: This enables the SOAP exchanges to be under the authenticated context of a Windows credential. This always performs Kerberos-based authentication. UserName: This enables the service to require that the client be authenticated using a UserName credential. The credential in this case needs to be specified using the clientCredentials behavior Caution: Windows Communication Foundation (WCF) does not support sending a password digest or deriving keys using password and using such keys for message security. Therefore, WCF enforces that the exchange is secured when using UserName credentials. This mode requires that the service certificate be specified on the client side using clientCredential behavior and serviceCertificate. Certificate: This enables the service to require that the client be authenticated using a certificate. The client credential in this case needs to be specified using the clientCredentials behavior. The service credential in this case needs to be specified using the clientCredentials behavior by specifying the serviceCertificate. CardSpace: This allows the service to require that the client be authenticated using a CardSpace. The serviceCertiifcate must be provisioned in the clientCredential behavior. The default value is Windows. This attribute is of type MessageCredentialType.

algorithmSuite

Sets the message encryption and key-wrap algorithms that are used to achieve message-based security for messages sent over MSMQ transport.

The default value is Aes256. This attribute is of type SecurityAlgorithmSuite.

clientCredentialType

Specifies the type of credential to be used when performing client authentication for messages sent over the MSMQ transport. Valid values include the following:

None: This allows the service to interact with anonymous clients. Neither the service nor the client requires a credential.
Windows: This enables the SOAP exchanges to be under the authenticated context of a Windows credential. This always performs Kerberos-based authentication.
UserName: This enables the service to require that the client be authenticated using a UserName credential. The credential in this case needs to be specified using the clientCredentials behavior

Caution:

Windows Communication Foundation (WCF) does not support sending a password digest or deriving keys using password and using such keys for message security. Therefore, WCF enforces that the exchange is secured when using UserName credentials. This mode requires that the service certificate be specified on the client side using clientCredential behavior and serviceCertificate.

Certificate: This enables the service to require that the client be authenticated using a certificate. The client credential in this case needs to be specified using the clientCredentials behavior. The service credential in this case needs to be specified using the clientCredentials behavior by specifying the serviceCertificate.
CardSpace: This allows the service to require that the client be authenticated using a CardSpace. The serviceCertiifcate must be provisioned in the clientCredential behavior.

The default value is Windows. This attribute is of type MessageCredentialType.

Child Elements

None

Parent Elements

Element	Description
<security> of <netMsmqBinding>	Defines the security settings for a binding.

<message> of <netMsmqBinding>

Schema Hierarchy

Syntax

Attributes and Elements

Attributes

Child Elements

Parent Elements

See Also

Reference

Concepts

Other Resources

Additional resources