Does Message Security still work when I set Security Mode to Transport in WCF

279 views Asked by At

I have a WCF service which the security mode has been set to "Transport". Below is my service configuration:

<bindings>
  <netTcpBinding>
    <binding name="tcpConSecure" >
      <security mode="Transport">
        <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
      </security>
    </binding>
  </netTcpBinding>
</bindings>

When I use VisualStudio "Edit WCF configuration" tool to open my configuration, in security tab, it will display like this: enter image description here

Question:

  1. Does the setting in MessageSecurity properties area still work when I set mode to Transport? I ask this question because I didn't set message security related properties in config file.
  2. When I set Security Mode to "Transport" and client credential type to "Windows", will the transfer message between server/client be encrypted? By which algorithm?

From this link, the messages are secured at the transport level by windows security. What does Windows Security mean?

1

There are 1 answers

2
Ding Peng On BEST ANSWER

For the first question, if the mode is set to "Transfer", the settings in the MessageSecurity properties area will be invalid. Securing a service with both transport and message credentials uses the best of both Transport and Message security modes in Windows Communication Foundation (WCF). In sum, transport-layer security provides integrity and confidentiality, while message-layer security provides a variety of credentials that are not possible with strict transport security mechanisms. For more information about TransportWithMessageCredential, you can refer to this link.

If the Transport mode is used, the main mechanism used to protect the transmission is the Secure Sockets Layer (SSL) based on HTTP, usually called HTTPS. So if we use Transport mode, we need to bind a certificate to the service. For more information about Transport Security, you can refer to this link.