Export (0) Print
Expand All

FaultContractAttribute.ProtectionLevel Property

Specifies the level of protection the SOAP fault requires from the binding.

Namespace: System.ServiceModel
Assembly: System.ServiceModel (in system.servicemodel.dll)

public ProtectionLevel ProtectionLevel { get; set; }
/** @property */
public ProtectionLevel get_ProtectionLevel ()

/** @property */
public void set_ProtectionLevel (ProtectionLevel value)

public function get ProtectionLevel () : ProtectionLevel

public function set ProtectionLevel (value : ProtectionLevel)

Not applicable.

Property Value

One of the System.Net.Security.ProtectionLevel values. The default is System.Net.Security.ProtectionLevel.None.

Use the FaultDescription.ProtectionLevel property to specify the degree to which the binding must encrypt, sign, or both when sending the SOAP fault. It is strongly recommended that an operation's fault explicitly decide the security protection level requirements on the contract. The default protection level is System.Net.Security.ProtectionLevel.None, meaning that the SOAP fault message you are defining does not require encryption or a digital signature (although your binding may provide this support if it is configured to do so). If a fault message carries information that is sensitive or can lead to security problems, it is strongly recommended that the ProtectionLevel property be set to System.Net.Security.ProtectionLevel.EncryptAndSign. For more about security issues, see Understanding Protection Level.

The protection behavior at runtime is the combination of the protection-level properties that have a hierarchical structure. Setting the outermost value establishes the default setting for all narrower scopes unless a different value for a narrower scope is explicitly set. In this case, the outer value remains the default for all narrower scopes with the exception of that specifically set.

For example, if ServiceContractAttribute.ProtectionLevel is set to System.Net.Security.ProtectionLevel.EncryptAndSign and no other narrower scopes have protection level settings, all messages in an operation contract are encrypted and signed, including fault messages. If, however, one of those operations has the OperationContractAttribute set to System.Net.Security.ProtectionLevel.Sign, then the messages for that operation are signed but all other messages in the contract are encrypted and signed, including fault messages.

The scopes at which these values are set are:

ServiceContractAttribute.ProtectionLevel

    OperationContractAttribute.ProtectionLevel

        FaultContractAttribute.ProtectionLevel

        MessageContractAttribute.ProtectionLevel

            The MessageContractMemberAttribute.ProtectionLevel property on System.ServiceModel.MessageHeaderAttribute.

            The MessageContractMemberAttribute.ProtectionLevel property on System.ServiceModel.MessageBodyMemberAttribute.

When there is no protection level explicitly specified on the contract and the underlying binding supports security (whether at the transport or message level), the effective protection level for the whole contract is System.Net.Security.ProtectionLevel.EncryptAndSign. If the binding does not support security (such as BasicHttpBinding), the effective System.Net.Security.ProtectionLevel is System.Net.Security.ProtectionLevel.None for the whole contract. The result is that depending upon the endpoint binding, clients can require different message or transport level security protection even when the contract specifies System.Net.Security.ProtectionLevel.None.

Windows 98, Windows Server 2000 SP4, Windows CE, Windows Millennium Edition, Windows Mobile for Pocket PC, Windows Mobile for Smartphone, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0

Community Additions

ADD
Show:
© 2015 Microsoft