none
Message Contract Protection Level Usage RRS feed

  • Question

  • Dear .NET users, I am trying to understand the functionality of a Protection Level usage within the Message Contract, such as, for example, in this code, that I coped from the MSDN site

    c(ProtectionLevel = ProtectionLevel.EncryptAndSign)] public class Company { [MessageHeader(ProtectionLevel = ProtectionLevel.Sign)] public string CompanyName; [MessageBodyMember(ProtectionLevel = ProtectionLevel.EncryptAndSign)] public string CompanyID; }

    I understand the meaning of different Protection Level enumeration values; however, I am still confused

    about what I have to put on top of the class itself (Company class in this case). In some examples (like here)

    the highest level (EncryptAndSighn) is specified (when this protection level is also present within the class).

    In some examples, it is just the [MessageContract] even though the EncryptAndSign is STILL specified somewhere in the class

    What should I put on top of the class if I want to keep the protection level specifications

    of individual Message Body members and individual Message Header members?

    Should it be the highest values of protection level, value of None, or just the [MessageContract]?

    Thank you very much for your answers




    Friday, December 13, 2013 3:38 PM

Answers

  • Thank you very much for your response. I am going to rephrase the question.

    For the MessageContract attribute, under what conditions (with what consequences) the ProtectionLevel attribute is None or SignAndEncrypt? (Just for the MessageContract, not atributes)

    Hi,

    Please try to check the following:

    • None.
    • Sign. The protected part is digitally signed. This ensures detection of any tampering with the protected message part.
    • EncryptAndSign. The message part is encrypted to ensure confidentiality before it is signed.

    Setting the ProtectionLevel on the topmost API sets the level for all levels below it. If the ProtectionLevel is set to a different value at a lower level, all APIs below that level in the hierarchy will now be reset to the new level (APIs above it, however, will still be affected by the topmost level). The hierarchy is as follows. Attributes at the same level are peers.

    ServiceContractAttribute        

         OperationContractAttribute

                FaultContractAttribute

                 MessageContractAttribute

                         MessageHeaderAttribute

                         MessageBodyMemberAttribute

    For more information, please try to refer to:
    #Understanding Protection Level:
    http://msdn.microsoft.com/en-us/library/aa347692(v=vs.110).aspx .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, December 18, 2013 11:32 AM
    Moderator

All replies

  • Thank you very much for your response. I am going to rephrase the question.

    For the MessageContract attribute, under what conditions (with what consequences) the ProtectionLevel attribute is None or SignAndEncrypt? (Just for the MessageContract, not atributes)

    Wednesday, December 18, 2013 7:06 AM
  • Thank you very much for your response. I am going to rephrase the question.

    For the MessageContract attribute, under what conditions (with what consequences) the ProtectionLevel attribute is None or SignAndEncrypt? (Just for the MessageContract, not atributes)

    Hi,

    Please try to check the following:

    • None.
    • Sign. The protected part is digitally signed. This ensures detection of any tampering with the protected message part.
    • EncryptAndSign. The message part is encrypted to ensure confidentiality before it is signed.

    Setting the ProtectionLevel on the topmost API sets the level for all levels below it. If the ProtectionLevel is set to a different value at a lower level, all APIs below that level in the hierarchy will now be reset to the new level (APIs above it, however, will still be affected by the topmost level). The hierarchy is as follows. Attributes at the same level are peers.

    ServiceContractAttribute        

         OperationContractAttribute

                FaultContractAttribute

                 MessageContractAttribute

                         MessageHeaderAttribute

                         MessageBodyMemberAttribute

    For more information, please try to refer to:
    #Understanding Protection Level:
    http://msdn.microsoft.com/en-us/library/aa347692(v=vs.110).aspx .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, December 18, 2013 11:32 AM
    Moderator