none
WCF Security | Different ProtectionLevel on client and server side RRS feed

  • Question

  • Hi,

    I have self-hosted my WCF service as shown below:

                NetTcpBinding netTcpBinding = new NetTcpBinding();
                netTcpBinding.Security.Mode = SecurityMode.Transport;
                netTcpBinding.Security.Transport.ProtectionLevel = System.Net.Security.ProtectionLevel.None;
    
                ServiceHost serviceHost = new ServiceHost(typeof(Service),
                    new Uri("net.tcp://localhost:2345/Service"));
    
                serviceHost.AddServiceEndpoint(new ServiceEndpoint(ContractDescription.GetContract(typeof(IService)),
                    netTcpBinding,
                    new EndpointAddress("net.tcp://localhost:2345/Service")));
    
                serviceHost.Open();


    Note that the protection level is set as None (Default is EncryptAndSign). 

    I have following client side code:

                ChannelFactory<IService> channelFactory = new ChannelFactory<IService>(new NetTcpBinding(),
                    new EndpointAddress("net.tcp://localhost:2345/Service"));
                IService serviceClient = channelFactory.CreateChannel();
                Console.WriteLine(serviceClient.GetData());
                Console.WriteLine("Press any key to continue.....");
                Console.ReadKey();

    Note that here, NO configuration is provided for security (Default used will be Transport and EncryptAndSign).

    The code works! Queries -

    1. What is the protectionLevel used for above communication?

    2. How can we check what protectionLevel is used for a communication in general (i.e. any tools) ?

    Thanks!

    Monday, July 14, 2014 1:13 PM

Answers

  • Hi,

    >>What is the protectionLevel used for above communication
    When in the service side we have set the ProtectionLevel = ProtectionLevel.None then then the consumers of the service can use anything, such as ProtectionLevel.Sign, or ProtectionLevel.EncryptAndSign.

    For more information, please try to refer to:
    #WCF protectionLevel:
    http://blog.adilakhter.com/2009/08/06/wcf-security-wcf-performance-protectionlevel-part-1/ .

    >>How can we check what protectionLevel is used for a communication in general (i.e. any tools)

    In my mind, we can use the fiddler to get the response and request message to see whether it has been Encrypted or Signed or not.

    #DownLoad Fiddler:
    http://www.telerik.com/fiddler .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, July 15, 2014 7:58 AM
    Moderator

All replies

  • Hi,

    >>What is the protectionLevel used for above communication
    When in the service side we have set the ProtectionLevel = ProtectionLevel.None then then the consumers of the service can use anything, such as ProtectionLevel.Sign, or ProtectionLevel.EncryptAndSign.

    For more information, please try to refer to:
    #WCF protectionLevel:
    http://blog.adilakhter.com/2009/08/06/wcf-security-wcf-performance-protectionlevel-part-1/ .

    >>How can we check what protectionLevel is used for a communication in general (i.e. any tools)

    In my mind, we can use the fiddler to get the response and request message to see whether it has been Encrypted or Signed or not.

    #DownLoad Fiddler:
    http://www.telerik.com/fiddler .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, July 15, 2014 7:58 AM
    Moderator
  • Thank you Amy. It helped!
    Friday, July 18, 2014 6:42 AM