.netWCF

Message Protection in WCF (Part – 29)

ProtectionLevel parameter is used  to protect message in WCF. ProtectionLevel enum is present in System.Net.Security namespace.

The following 6 attributes has the ProtectionLevel named parameter.They are specified in order of precedence.

ServiceContractAttribute
OperationContractAttribute
FaultContractAttribute
MessageContractAttribute
MessageHeaderAttribute
MessageBodyMemberAttribute

Example: ProtectionLevel specified at an operationContract level overrides the protectionLevel specified at ServiceContract Level.

When you use WSHttpBinding,by default the message is encrypted and signed.Encryption provides confidentialityand signing provides integrity.

Example: [OperationContract(ProtectionLevel = ProtectionLevel.None)]

[OperationContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)]

[OperationContract(ProtectionLevel = ProtectionLevel.Sign)]

So the ProtectionLevel can be None,EncryptAndSign and Sign.

None: Message is not signed and not encrypted

EncryptAndSign:Message is encrypted and signed to ensure confidentiality and Integrity of message.

Sign: Message is digitally signed to ensure Integrity of message.

An exception (Unhandled Exception SystemInvalidOperationException)will be thrown when Binding does not support secuity and you have explicitly set ProtectionLevel otherthan None.So ProtectionLevel parameter is used to enforce the minimum level of protection required.

 

© 2015, www.techkatak.com. All rights reserved.