Support us .Net Basics C# SQL ASP.NET Aarvi MVC Slides C# Programs Subscribe Download

Part 51 - Message confidentiality and integrity with transport security

Suggested Videos
Part 48 - Controlling WCF message protection using ProtectionLevel parameter
Part 49 - WCF bindings and the impact on message protection
Part 50 - Authentication in WCF

In this video, we will discuss Message confidentiality and integrity with transport security

In Part 47, we discussed Message confidentiality and integrity with message based security. Out of the box, wsHttpBinding provides message based security. Message based security automatically encrypts and signs the message to provide confidentiality and integrity. We have practically seen this in Part 47, by inspecting the logged messages.

Out of the box, netTcpBinding provides transport security. Even with transport security, all messages are encrypted and signed. Let's discuss this with an example. 

We will continue with the example, that we worked with in Part 50. At the moment we are using netTcpBinding which provides transport security. Now enable message logging. We discussed enabling message logging in Part 9 of WCF video tutorial.

Run the WCF service and the client. When you inspect the logged messages, surprisingly they are in plain text. The reason for this is that, the messages are encrypted and signed at the transport layer. By the time the message is arrived at the log it is already decrypted. Hence, they appear in plain text. 

wcf tutorial

No comments:

Post a Comment

It would be great if you can help share these free resources