By default, NetTcpBinding generates a run-time communication stack that uses transport security.
The NetTcpBinding class has four constructors:
- NetTcpBinding(). Initializes a new instance of the NetTcpBinding class.
- NetTcpBinding(SecurityMode). Initializes a new instance of the NetTcpBinding class with the specified security type used.
- NetTcpBinding(String). Initializes a new instance of the NetTcpBinding class with the specified configuration name.
- NetTcpBinding(SecurityMode, Boolean). Initializes a new instance of the NetTcpBinding class with the specified security type used and a value indicating whether the security session is explicitly enabled.
The NetTcpBinding class has a property named Security, of type NetTcpSecurity. NetTcpSecurity specifies the type of transport-level security and message-level security used by endpoints configured with NetTcpBinding. Code Listing 11-8 is the definition of NetTcpSecurity (some members).
Code Listing 11-8 NetTcpSecurity definition
public sealed class NetTcpSecurity
{
    // Fields
    internal const SecurityMode DefaultMode = SecurityMode.Transport;
    // Methods
    public NetTcpSecurity();
    // Message-level security settings
    public MessageSecurityOverTcp Message { get; set; }
    // Security mode applied to the binding
    public SecurityMode Mode { get; set; }
    // Transport-level security settings
    public TcpTransportSecurity Transport { get; set; }
}
As the code above shows, NetTcpSecurity sets the security mode for NetTcpBinding and specifies the transport and message security details according to that mode. It also shows that the default security mode NetTcpSecurity sets for NetTcpBinding is Transport. If the security mode is Transport, you need to set the Transport property, which is of type TcpTransportSecurity. The definition of TcpTransportSecurity is shown in Code Listing 11-9.
Code Listing 11-9 TcpTransportSecurity definition (partial code)
public sealed class TcpTransportSecurity
{
    // Defaults: Windows client credentials, traffic encrypted and signed
    internal const TcpClientCredentialType DefaultClientCredentialType = TcpClientCredentialType.Windows;
    internal const ProtectionLevel DefaultProtectionLevel = ProtectionLevel.EncryptAndSign;
    [DefaultValue(1)]
    public TcpClientCredentialType ClientCredentialType { get; set; }
    public ExtendedProtectionPolicy ExtendedProtectionPolicy { get; set; }
    [DefaultValue(2)]
    public ProtectionLevel ProtectionLevel { get; set; }
}
The code above exposes the three properties of TcpTransportSecurity: the ClientCredentialType property gets or sets the client credential type used for authentication; the ExtendedProtectionPolicy property gets or sets the extended protection policy for the TCP transport; and the ProtectionLevel property sets the protection level. By default, the client credential type is Windows and the protection level is EncryptAndSign.
The posts that follow in this series explore the security configuration under NetTcpBinding through examples.
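The defaults described above can be checked in code. The following is an added example, not code from the original text or from WCF itself: Audit and Report are hypothetical helpers that flag a NetTcpBinding whose settings are weaker than the Transport / Windows / EncryptAndSign defaults. It assumes a .NET Framework project that references System.ServiceModel.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Security;
using System.ServiceModel;

static class NetTcpBindingAudit
{
    // Hypothetical helper (not a WCF API): lists settings weaker than the defaults above.
    static List<string> Audit(NetTcpBinding binding)
    {
        var findings = new List<string>();
        NetTcpSecurity security = binding.Security;

        if (security.Mode == SecurityMode.None)
        {
            findings.Add("Mode=None: no authentication, signing or encryption");
            return findings; // the Transport settings are not applied in this mode
        }
        if (security.Mode == SecurityMode.Transport)
        {
            if (security.Transport.ClientCredentialType == TcpClientCredentialType.None)
                findings.Add("ClientCredentialType=None: clients are anonymous");
            if (security.Transport.ProtectionLevel != ProtectionLevel.EncryptAndSign)
                findings.Add("ProtectionLevel=" + security.Transport.ProtectionLevel
                             + ": traffic is not both encrypted and signed");
        }
        return findings;
    }

    static void Report(string name, NetTcpBinding binding)
    {
        List<string> findings = Audit(binding);
        Console.WriteLine("{0}: {1}", name,
            findings.Count == 0 ? "OK" : string.Join("; ", findings));
    }

    static void Main()
    {
        // Parameterless constructor: Transport mode, Windows credentials, EncryptAndSign.
        Report("default", new NetTcpBinding());

        // Security switched off through the NetTcpBinding(SecurityMode) constructor.
        Report("mode-none", new NetTcpBinding(SecurityMode.None));

        // Transport mode kept, but the protection level lowered to signing only.
        var signOnly = new NetTcpBinding(SecurityMode.Transport);
        signOnly.Security.Transport.ProtectionLevel = ProtectionLevel.Sign;
        Report("sign-only", signOnly);
    }
}
```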
Note: This part of the text is adapted from ".NET Security Secrets".
Author: Hyun-Soul
Source: http://www.cnblogs.com/xuanhun/