none
how to check my wcf service is secured after giving message level security? RRS feed

  • Question

  • i have two question.

    1) how to give message level security ? do i need to write something special in config file at service end and client end ?

    please show me with sample example code to show me how to give message level security in config file.

    2) how could i be sure that wcf message is passing between client and server securely. can i use fiddler to check it.

    please guide me how to check and see message is secured by using any tool. thanks

    Friday, December 2, 2016 12:44 PM

Answers

  • Hi Mou_inn,

    >> please show me with sample example code to show me how to give message level security in config file.

    Which message security do you want? There are many possible credential types, None, Windows, Username, Certificate and Issued Token.

    For choosing message security, I suggest you refer the link below:

    # Message Security

    https://msdn.microsoft.com/en-us/library/ff647344.aspx

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Monday, December 5, 2016 9:23 AM
    Monday, December 5, 2016 6:07 AM
  • Hi Mou_inn,

    It seems you could try Fiddler to capture WCF Request and response.

    # How to use Fiddler to monitor WCF service

    http://stackoverflow.com/questions/4629800/how-to-use-fiddler-to-monitor-wcf-service

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Monday, December 19, 2016 9:32 AM
    Wednesday, December 7, 2016 6:11 AM

All replies

  • Hi Mou_inn,

    >> please show me with sample example code to show me how to give message level security in config file.

    Which message security do you want? There are many possible credential types, None, Windows, Username, Certificate and Issued Token.

    For choosing message security, I suggest you refer the link below:

    # Message Security

    https://msdn.microsoft.com/en-us/library/ff647344.aspx

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Monday, December 5, 2016 9:23 AM
    Monday, December 5, 2016 6:07 AM
  • <binding name="BindingMessage">
       <security mode="Message">
          <message clientCredentialType="Windows"
    negotiateServiceCredential="true" />
       </security>
    </binding>

    suppose i am after message level security with clientCredentialType is Username.

    so when i will test the web service creating proxy from my pc then i want to check how data is passing from client to service end securely ?

    can i simulate and see the security by fiddler tool. guide me how to check service is securely passing data from client to server and vice versa. thanks

    Monday, December 5, 2016 9:26 AM
  • Hi Mou_inn,

    It seems you could try Fiddler to capture WCF Request and response.

    # How to use Fiddler to monitor WCF service

    http://stackoverflow.com/questions/4629800/how-to-use-fiddler-to-monitor-wcf-service

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Monday, December 19, 2016 9:32 AM
    Wednesday, December 7, 2016 6:11 AM