Windows Communication Foundation: Problems with session based services RRS feed

  • Question

  •  I have a problem to establish a WCF Service with a transport level session (SessionMode=SessionMode.Required, InstanceContextMode = InstanceContextMode.PerSession) and the following prerequisites :

    Webserver: IIS 6.0


    - wsHttpBinding

    - security mode="Transport" (https)

    - transport clientCredentialType="Certificate"

    ServiceContract: SessionMode=SessionMode.Required

    ServiceBehavior: InstanceContextMode = InstanceContextMode.PerSession


    Using this configuration I get the following error:

    "Contract requires Session, but Binding 'WSHttpBinding' doesn't support it or isn't configured properly to support it."

    It seems like I can not use server ServiceContract SessionMode.Required with <security mode="Transport" >

    I have read that a session based WCF service is only possible with reliability (reliableSession enabled = true) or message security

    (whereas I don't want to use message security).

    Unfortunately it also seems, that wsHttpBinding cannot be combined with reliableSession and transport security (SSL).

    So enable reliableSession only works for http (but I need to use transport security, among others to verify client's x509 certificate)

    The only workaround that I found is the usage of ASP.NET compatibility and the HttpContext object ! This works fine !

    Does anybody know other solutions for that problem or is it better to use NetTcpBinding with IIS 7 ?

    Does NetTcpBinding work together with x509 certificate verification ?

    Has anybody source examples for secure session based WCF services ?

    Thanks in advance !

    Thursday, March 5, 2009 12:32 PM