<messageSenderAuthentication> element
Specifies authentication options for peer-to-peer message senders.
For more information about peer-to-peer programming, see Peer to Peer Networking.
Schema Hierarchy
<system.serviceModel>
  <behaviors>
    <endpointBehaviors>
      <behavior> of <endpointBehaviors>
        <clientCredentials>
          <peer> of <clientCredentials> Element
            <messageSenderAuthentication> element
Syntax
<messageSenderAuthentication
    customCertificateValidatorType="namespace.typeName, [,AssemblyName] [,Version=version number] [,Culture=culture] [,PublicKeyToken=token]"
    certificateValidationMode="ChainTrust/None/PeerTrust/PeerOrChainTrust/Custom"
    revocationMode="NoCheck/Online/Offline"
    trustedStoreLocation="CurrentUser/LocalMachine"
/>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
customCertificateValidatorType | A type and assembly used to validate a custom type. This attribute must be set when certificateValidationMode is set to Custom. |
certificateValidationMode | Specifies one of three modes used to validate credentials. If set to Custom, then a customCertificateValidator must also be supplied. |
revocationMode | One of the modes used to check the certificate revocation list (CRL). |
trustedStoreLocation | One of the two system store locations: LocalMachine or CurrentUser. This value is used when a service certificate is negotiated to the client. Validation is performed against the Trusted People store in the specified store location. |
Child Elements
None.
Parent Elements
Element | Description |
---|---|
<peer> of <clientCredentials> Element | Specifies a credential used for authenticating the client to a peer service. |
Remarks
This element must be configured if message authentication is chosen. For output channels, each message is signed using the certificate provided by the <certificate> element. Before being delivered to the application, every message is checked against the message credential using the validator specified by the customCertificateValidatorType attribute of this element. The validator can either accept or reject the credential.
Example
The following code sets the message sender validation mode to PeerOrChainTrust.
<behaviors>
  <endpointBehaviors>
    <behavior name="MyEndpointBehavior">
      <clientCredentials>
        <peer>
          <certificate findValue="www.contoso.com"
                       storeLocation="LocalMachine"
                       x509FindType="FindByIssuerName" />
          <messageSenderAuthentication
                       certificateValidationMode="PeerOrChainTrust" />
        </peer>
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>
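As an added example (not code from the original page), a custom validator of the kind the Remarks describe could pin message senders to an allow-list of certificate fingerprints and reject everything else. The namespace, class name, assembly name and fingerprint placeholder are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

namespace Contoso.PeerSecurity // hypothetical namespace
{
    // Referenced from configuration (type and assembly names are hypothetical):
    //   <messageSenderAuthentication
    //       certificateValidationMode="Custom"
    //       customCertificateValidatorType="Contoso.PeerSecurity.PinnedSenderValidator, Contoso.PeerSecurity" />
    public class PinnedSenderValidator : X509CertificateValidator
    {
        // Constructed placeholder: SHA-256 (hex) of the DER encoding of each allowed sender certificate.
        private static readonly HashSet<string> AllowedSha256 =
            new HashSet<string>(StringComparer.OrdinalIgnoreCase)
            {
                "<SHA-256-HEX-OF-ALLOWED-SENDER-CERTIFICATE>"
            };

        // Returning normally accepts the credential; throwing rejects it.
        public override void Validate(X509Certificate2 certificate)
        {
            if (certificate == null)
                throw new ArgumentNullException("certificate");

            // NotBefore and NotAfter are expressed in local time, so compare against DateTime.Now.
            DateTime now = DateTime.Now;
            if (now < certificate.NotBefore || now > certificate.NotAfter)
                throw new SecurityTokenValidationException(
                    "Sender certificate is outside its validity period.");

            // Fingerprint the raw certificate bytes with SHA-256 rather than relying on the SHA-1 Thumbprint.
            string fingerprint;
            using (SHA256 sha = SHA256.Create())
            {
                fingerprint = BitConverter.ToString(sha.ComputeHash(certificate.RawData)).Replace("-", "");
            }

            // Fail closed: anything not explicitly allow-listed is rejected.
            if (!AllowedSha256.Contains(fingerprint))
                throw new SecurityTokenValidationException(
                    "Sender certificate is not on the allow-list.");
        }
    }
}
```

With certificateValidationMode set to Custom, the validator's own logic decides acceptance, so any check it omits (such as revocation) is not performed.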
See Also
Reference
X509PeerCertificateAuthentication
MessageSenderAuthentication
X509PeerCertificateAuthenticationElement
Other Resources
Working with Certificates
Peer to Peer Networking
Peer Channel Message Authentication
Peer Channel Custom Authentication
Best Practices for Securing PeerChannel Applications