Windows apps
Collapse the table of content
Expand the table of content
Information
The topic you requested is included in another documentation set. For convenience, it's displayed below. Choose Switch to see the topic in its original location.

BasicHttpSecurityMode Enumeration

 

Specifies the types of security that can be used with the system-provided BasicHttpBinding.

Namespace:   System.ServiceModel
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public enum BasicHttpSecurityMode

Member nameDescription
Message

Security is provided using SOAP message security. For the BasicHttpBinding, the system requires that the server certificate be provided to the client separately. The valid client credential types for this binding are UserName and Certificate.

None

The SOAP message is not secured during transfer. This is the default behavior.

Transport

Security is provided using HTTPS. The service must be configured with SSL certificates. The SOAP message is protected as a whole using HTTPS. The service is authenticated by the client using the service’s SSL certificate. The client authentication is controlled through the ClientCredentialType.

TransportCredentialOnly

This mode does not provide message integrity and confidentiality. It provides only HTTP-based client authentication. Use this mode with caution. It should be used in environments where the transfer security is being provided by other means (such as IPSec) and only client authentication is provided by the Windows Communication Foundation (WCF) infrastructure.

TransportWithMessageCredential

Integrity, confidentiality and server authentication are provided by HTTPS. The service must be configured with a certificate. Client authentication is provided by means of SOAP message security. This mode is applicable when the user is authenticating with a UserName or Certificate credential and there is an existing HTTPS deployment for securing message transfer.

Security in this context means message protection (integrity and confidentiality) as well as client and service authentication.

Actual protection requirements (the specific parts of SOAP messages that must be signed or signed and encrypted) are controlled through attributes on the service contract or through properties in the contract description. Properties on the binding do not control what is being signed or encrypted: a binding only delivers the general capability of signing and encrypting.

The default behavior for the BasicHttpBinding is None.

Universal Windows Platform
Available since 4.5
.NET Framework
Available since 3.0
Portable Class Library
Supported in: portable .NET platforms
Silverlight
Available since 2.0
Windows Phone Silverlight
Available since 7.0
Return to top
Show:
© 2016 Microsoft