Freigeben über


WCF Security Modes

WCF supports three types of Security. They are,

  • Transport Security
  • Mixed-Mode Security
  • Message Security

Let's discuss the various Security Modes below. 

Transport Security is applied at the transport byte stream below the message layer. The message does not have a Security header and the message does not carry any user authentication data. It is the least flexible in terms of WS-Security usage and it is highly dependent on the transport. It is the fastest in terms of performance.

Message Security is applied at the message layer and it is transport independent. It is a point to point security model with maximum flexibility in terms of having the message routed over different transports. WS-Security defines different ways to secure a message and the tokens that can be used. Message Security provides the maximum flexibility in terms of that as well. Message Security is slowest in terms of performance.

Mixed-Mode Security is a hybrid between Transport and Message Security. The transport is encrypted and the message contains some user authentication tokens. If the token can provide a key (i.e., it is not a username/password token) then it will sign the timestamp in the security header. If the client token is a Asymmetric token then the 'To' header will be signed as well. It is faster than Message Security.

Comments

  • Anonymous
    February 06, 2007
    When you are using a X.509 Certificate as the client authentication token in Mixed-Mode Security - apart

  • Anonymous
    February 06, 2007
    Also check out my article 'Levels of Security in Windows Communication Foundation': http://go.microsoft.com/?linkid=5008388

  • Anonymous
    June 28, 2007
    Hi, As per my understanding,following types of security are provided in wcf 1)Transport 2)Message 3)Both 4)TransportwithMessageCredential 5)TransprotCredentialOnly You have mentioned only three types of security modes.Can you clarify on which mode out of the above 5 are you referring to in mixed mode. Also which one of these are the fastest. Cheers Rajiv

  • Anonymous
    August 20, 2007
    Hi Rajiv,   The 4 you have is the same as 3. The 5 you have pointed out is the same as 1, just pure transport security, right? Govind

  • Anonymous
    October 24, 2010
    javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("ctl00$content$ctl00$fragment_32172$ctl01$ctl00$ctl00$ctl05$bpCommentForm$ctl05$btnSubmit", "", true, "BlogPostCommentForm-ctl00_content_ctl00_fragment_32172_ctl01_ctl00", "", false, true))