This is the seventh post in the WCF 4.5 series. In previous posts we’ve examined two new security features of WCF 4.5 and IIS – multiple client credentials support, and default HTTPS endpoint support, both new features are IIS-specific (or to be more exact, web hosting specific). In this post we will look into a new security configuration option in WCF 4.5 – the BasicHttpsBinding.
Transport security is supported in WCF since day 1, and you can configure it by setting the security mode of your binding:
Declaring transport security based endpoints is quite an easy task in WCF, but does require writing some binding configuration in the config file. WCF 4.5 helps reduce the amount of configuration by adding a new type of binding – basicHttpsBinding.
The basicHttpsBinding is similar to basicHttpBinding, only it has the following defaults:
- Security mode = Transport
- Client credential type = None
Setting up an endpoint with a basicHttps binding is quite simple:
<add baseAddress = “http://localhost:8733/Design_Time_Addresses/WcfServiceLibrary1/Service1/” />
<add baseAddress = “https://localhost:44310/Design_Time_Addresses/WcfServiceLibrary1/Service1/” />
<endpoint address=”" binding=”basicHttpBinding” contract=”WcfServiceLibrary1.IService1″/>
<endpoint address=”" binding=”basicHttpsBinding“ contract=”WcfServiceLibrary1.IService1″/>
If you want to change the default client credential type for the secured endpoints, you will need to create a binding configuration for the secured endpoint:
Note: Since this is a secured binding, the security mode can be either Transport or TransportWithMessageCredential only. TransportCredentialOnly is not supported for this type of binding.
Stay tuned for more posts about the new features of WCF 4.5. You can also follow me on Twitter (@IdoFlatow) to get updates as soon as new posts are published.
The RTM of .NET 4.5 is still to come, and I assume many of you are still adjusting to WCF 4. If you want to learn more about the new features of WCF 4, come to my session at Visual Studio Live! 2011 in Redmond (October 17-21).
Also, if you are an MCT and reside in the US, come hear my session about WCF 4 at the MCT 2011 North-America Summit that will be held in San-Francisco (October 19-21).