locked
WS2007HttpBinding changing to WSHttpBinding when security mode="None" RRS feed

  • Question

  • User768014394 posted

    I noticed that if I create a WCF service using WS2007HttpBinding and I set the security Mode from "Message" to "None" and refresh the service reference in the client, the client's binding changes to WSHttpBinding in the config file.

    In my company we develop locally using the Visual Studio Development Server in VS2010 (we will be upgrading to VS2013 soon) instead of IIS running locally, then we have a QA and production environment.  Due to the nature of the business we do, we typically use Transport security for our services, but as far as I know, we cant use Transport security with Visual Studio Development Server.

    We will be needing to use distributed transactions for a big project we'll be starting soon and I am concerned that this is going to be a problem unless we use WS2007HttpBinding with Message security, and change it to Transport via the Web.config transformations.  I'm not a big fan of doing this however because it makes our primary development environment deviate from how QA and production works, which impacts testing.

    Am I correct to assume that WSHttpBinding doesn't support distributed transactions?  If we need to develop against IIS locally (Windows 7 Enterprise) we can do that.  VS2013 has IIS Express which I am hoping will allow HTTPS.  If so, then the binding issue will go away.  I have only limited experience using VS2012 which I believe also has IIS Express as an option, but I don't know if it will be sufficient for this type of development without having to set up the full version of IIS on our workstations (which facilitates setting up the sites, unlike now where you can grab the source code from source control and run it without having to do any additional setup).

    Friday, February 7, 2014 3:29 PM

Answers

  • User-417640953 posted

    Hi desertfoxaz,

    Thank you post the issue to asp.net forum.

    According to your description, I understand that when you change the security mode as none.

    Then the client endpoint binding will be changed to WSHttpBinding from WS2007HttpBinding.

    Well, all of we know that WS2007HttpBinding inherits WSHttpBinding which added transaction, security, reliability.

    On the MSDN we can read :

       The WS2007HttpBinding class adds a system-provided binding similar to WSHttpBinding but uses the Organization for the Advancement

       of Structured Information Standards (OASIS) standard versions of the ReliableSession, Security, and TransactionFlow protocols.

       No changes to the object model or default settings are required when using this binding.

    In my mind, Visual Studio changes it to WSHttpBinding when you set the "none" model security by default for save object resource.

    Hope this helps, thanks.

    Best Regards!
     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, February 10, 2014 3:36 AM
  • User768014394 posted

    After some research, it appears wsHttpBinding supports transactions.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, February 10, 2014 12:23 PM

All replies

  • User-417640953 posted

    Hi desertfoxaz,

    Thank you post the issue to asp.net forum.

    According to your description, I understand that when you change the security mode as none.

    Then the client endpoint binding will be changed to WSHttpBinding from WS2007HttpBinding.

    Well, all of we know that WS2007HttpBinding inherits WSHttpBinding which added transaction, security, reliability.

    On the MSDN we can read :

       The WS2007HttpBinding class adds a system-provided binding similar to WSHttpBinding but uses the Organization for the Advancement

       of Structured Information Standards (OASIS) standard versions of the ReliableSession, Security, and TransactionFlow protocols.

       No changes to the object model or default settings are required when using this binding.

    In my mind, Visual Studio changes it to WSHttpBinding when you set the "none" model security by default for save object resource.

    Hope this helps, thanks.

    Best Regards!
     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, February 10, 2014 3:36 AM
  • User768014394 posted

    That just confirms what I thought.  However, I need to be able to use distributed transactions.  Can I do that with WSHttpBinding?  If not, I need to be able to use Transport security via WS2007HttpBinding when developing on my workstation, without using IIS.

    Monday, February 10, 2014 10:57 AM
  • User768014394 posted

    After some research, it appears wsHttpBinding supports transactions.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, February 10, 2014 12:23 PM
  • User-417640953 posted

    After some research, it appears wsHttpBinding supports transactions.

    Yes, WSHttpBinding represents an interoperable binding that supports distributed transactions and secure, reliable sessions.

    http://msdn.microsoft.com/en-us/library/system.servicemodel.wshttpbinding(v=vs.110).aspx

    And for more information about WS2007HttpBinding, you can also refer the msdn article.

    http://msdn.microsoft.com/en-us/library/bb675188(v=vs.110).aspx

    Thanks.

    Best Regards!

    Monday, February 10, 2014 9:21 PM