[WCF Security Series] binding, security mode, and client credential type: Summary

Source: Internet
Author: User

For several common binding types, what security modes are supported, and what authentication methods can be used for various security modes (determined by the client credential type ), these are described in detail in the previous series of articles. Next, we will summarize the Security modes of different types of systems through the form of tables.

I. system pre-defined binding support for different security Modes

The following table indicates that the system pre-defined binding supports different security modes (WSHttpBinding and WS2007HttpBinding have the same security mode support policies, and only WSHttpBinding is listed here ).

BasicHttpBinding WSHttpBinding WSDualHttpBinding NetNamedPipeBinding NetTcpBinding NetMsmqBinding
None Default Yes Yes Yes Yes Yes
Transport Yes Yes No Default Default Default
Message Yes Default Default No Yes Yes
Mixed Yes Yes Yes No Yes No
Both No No No No No Yes
TransportCredentialOnly Yes No No No No No

For this table, we can see that:

  • All bindings can adopt no secure transmission mechanism, that is, None safe mode is supported;
  • The default BasicHttpBinding mode is None, the WS-related binding mode is Message, and the LAN-related binding mode is Transport;
  • Except NetNamedPipeBinding, all bindings support Message security mode;
  • All bindings that support Message mode support the Mixed mode except NetMsmqBinding;
  • Except WSDualHttpBinding, all bindings support the Transport mode;
  • Only BasicHttpBinding supports the TransportCredentialOnly mode;
  • Only NetMsmqBinding supports the Both security mode.
Ii. Support for different Transport client creden by predefined system binding

Next, let's compare the common system definitions that we introduced earlier. What are the differences in client credential type set support when binding in Transport security mode.

BasicHttpBinding WSHttpBinding WSDualHttpBinding NetNamedPipeBinding NetTcpBinding NetMsmqBinding
None Default Yes - No Yes No
Basic Yes Yes - No No No
Digest Yes Yes - No No No
Windows Yes Default - Default Default Default
Ntlm Yes Yes - No No No
Certificate Yes Yes - No Yes No

We can see from the data in the following table:

  • Three HTTP-based bindings (excluding WSDualHttpBinding that does not support Transport security mode) Support all types of client creden( (in fact, the client credentialtype is represented by enumeration HttpClientCredentialType );
  • Except for BasicHttpBinding, which uses None as the client credential type (anonymous client) by default, the default client credential types bound to other clients are Windows;
  • NetTcpBinding supports three types of client credennone: None, Windows, and Certificate;
  • NetNamedPipeBinding and NetMsmqBinding support the unique client credential type Windows.

3. Support for different Message client creden by predefined binding

The support for different types of client creden。 in Message mode (or Mixed mode) is very clear. Besides BasicHttpBinding, all other bindings (excluding NetNamedPipeBinding that does not support Message security mode) Use MessageCredentialType to indicate the type of client creden. In Message mode, the support for different types of bindings for different client credential sets is reflected in the following table.

BasicHttpBinding WSHttpBinding WSDualHttpBinding NetNamedPipeBinding NetTcpBinding NetMsmqBinding
None No Yes Yes - Yes Yes
User Name Default Yes Yes - Yes Yes
Windows No Default Default - Default Default
Certificate Yes Yes Yes - Yes Yes
IssuedToken No Yes Yes - Yes Yes

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.