Secure MEX Endpoints

In the previous articles about MEX endpoints, I always used the MetadataExchangeBindings class to create the binding for the MEX endpoint. Is it possible to use other bindings with your MEX endpoints? For example, some people want to secure their metadata by configuring the security settings of the binding. The answer turns out to simply be yes. You can put any binding you want for the MEX service endpoint as long as you use the IMetadataExchange contract.

However, if you use your own binding for the MEX endpoint, it will be difficult for people to download your metadata. The svcutil program only knows about the standard MEX bindings. The specific binding it uses is chosen based on the scheme in the endpoint address you provide. This means that if you use a non-standard binding for the MEX endpoint, you need to somehow provide a matching binding for svcutil to work.

Luckily, svcutil.exe reads its configuration from the svcutil.exe.config file in the same directory as the executable. You can put bindings and behaviors into this configuration file to control what happens when retrieving metadata. The endpoint contract should be IMetadataExchange to match the contract on the service and the endpoint name should be the scheme of the MEX protocol that you're using. The elements of the configuration file work the same as for any other application so it's otherwise very similar to setting up the configuration file for a normal service.

Next time: Building a Composite Duplex Binding Element

Comments

• Anonymous
  August 31, 2006
  Today's post is a supplement for those people annoyed that Using Impersonation with Transport Security...