Is the wsHttpBinding only for .NET clients?
Because in wsHttpBinding default security is enabled, so data transferred with encryption. So how can non-.NET clients (like java or php) consume such WCF services?
Asked
Active
Viewed 5,391 times
2 Answers
1
The default Message security for WsHttpBinding is set to "Windows", I believe. This may well be because this will make security work out of the box, at least for a WCF service and client.
If you need to be interoperable, it's easy to change this though. You can set it to any one of these:
- Windows (the default)
- None
- UserName
- Certificate
- IssuedToken
See the "message, of wsHttpBinding" MSDN page for more details. To test communication with your Java or PHP client you could temporarily disable security:
<wsHttpBinding>
<binding>
<security mode="Message">
<!-- Not recommended! Use only for testing. -->
<message clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
After you got things working you could switch to -for example- using certificates, depending on what your non-WCF side supports.
Jeroen
- 60,696
- 40
- 206
- 339
1
As Jeroen says by default wsHttpBinding defaults to message security and windows credentials
For non-Windows clients you will need to change the authentication mode. However, if you stay with message security you also need any consuming toolkit to have an implementation of WS-Security (and WS-Trust / WS-SecureConversation).
What features of wsHttpBinding are you using that means basicHttpBinding isn't appropriate? BasicHttpBinding is a simpler binding to get working in interop scenarios
Richard Blewett
- 6,089
- 1
- 18
- 23