Implementing Simple Message Security Using WsHttpBinding

In this exercise we will replace basicHttpBinding with wsHttpBinding, so that the messages exchanged over HTTP are protected using message security.
 
Task 1: Open "App.Config" of the "WCF_ConsleHost" project and change the endpoint binding from "basicHttpBinding" to "wsHttpBinding".
 
Task 2: Run the host application using the "Ctrl+F5" key combination. (Note: "Ctrl+F5" will also run the client application, so close it.) Right-click on the "MyRef" service reference and select "Update Service Reference". This will change the App.Config file for the client application. Close the host application. The generated App.config file is shown below:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.diagnostics>
    <sources>
      <source name="System.ServiceModel.MessageLogging" switchValue="Warning, ActivityTracing">
        <listeners>
          <add type="System.Diagnostics.DefaultTraceListener"
               name="Default">
            <filter type="" />
          </add>
          <add name="ServiceModelMessageLoggingListener">
            <filter type="" />
          </add>
        </listeners>
      </source>
      <source name="System.ServiceModel" switchValue="Information,ActivityTracing"
              propagateActivity="true">
        <listeners>
          <add type="System.Diagnostics.DefaultTraceListener"
               name="Default">
            <filter type="" />
          </add>
          <add name="ServiceModelTraceListener">
            <filter type="" />
          </add>
        </listeners>
      </source>
    </sources>
    <sharedListeners>
      <add initializeData="G:\Mahesh_Practice\MSNET35\PSPL\NewTraining\SpotDemos\WCF\WCF _ServiceHostClient_NewDignostic\WinForm_WCFClinet\app_messages.svclog"
           type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
           name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
        <filter type="" />
      </add>
      <add initializeData="G:\Mahesh_Practice\MSNET35\PSPL\NewTraining\SpotDemos\WCF\WCF _ServiceHostClient_NewDignostic\WinForm_WCFClinet\app_tracelog.svclog"
           type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
           name="ServiceModelTraceListener" traceOutputOptions="Timestamp">
        <filter type="" />
      </add>
    </sharedListeners>
    <trace autoflush="true" />
  </system.diagnostics>
  <system.serviceModel>
    <diagnostics wmiProviderEnabled="false">
      <messageLogging logEntireMessage="true"
                      logMalformedMessages="true" logMessagesAtTransportLevel="true" />
    </diagnostics>
    <bindings>
      <wsHttpBinding>
        <binding name="WSHttpBinding_IService" closeTimeout="00:01:00"
                 openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                 bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
                 maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8"
                 useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00"
                           enabled="false" />
          <security mode="Message">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
                       realm="">
              <extendedProtectionPolicy policyEnforcement="Never" />
            </transport>
            <message clientCredentialType="Windows" negotiateServiceCredential="true"
                     algorithmSuite="Default" establishSecurityContext="true" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://localhost:9012/MyServ" binding="wsHttpBinding"
                bindingConfiguration="WSHttpBinding_IService" contract="MyRef.IService"
                name="WSHttpBinding_IService">
        <identity>
          <userPrincipalName value="Mahesh-PC\Mahesh" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>
</configuration>

The important point here is that basicHttpBinding is not secure, whereas wsHttpBinding uses the "Message" security mode, and the client credential type for both Message and Transport is set to "Windows". This means that the Windows user can make a request to the WCF service.
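An added example, not part of the original article: a small Python audit that reads a WCF config, reports the security mode and message credential type each endpoint ends up with, and flags message logging that would store decrypted messages. The sample config is constructed from the file above (trimmed, with a basicHttpBinding endpoint named BasicHttpBinding_IService added for contrast); audit_config and DEFAULT_MODE are names chosen here.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the client <system.serviceModel> section above, trimmed to
# the attributes the audit reads, plus a basicHttpBinding endpoint for contrast.
SAMPLE_CONFIG = """<configuration>
  <system.serviceModel>
    <diagnostics>
      <messageLogging logEntireMessage="true" logMessagesAtTransportLevel="true" />
    </diagnostics>
    <bindings>
      <wsHttpBinding>
        <binding name="WSHttpBinding_IService">
          <security mode="Message">
            <message clientCredentialType="Windows" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://localhost:9012/MyServ" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService" name="WSHttpBinding_IService" />
      <endpoint address="http://localhost:9012/MyServ" binding="basicHttpBinding" name="BasicHttpBinding_IService" />
    </client>
  </system.serviceModel>
</configuration>"""

# Security mode WCF applies when a binding has no <security mode="..."> setting.
DEFAULT_MODE = {"basicHttpBinding": "None", "wsHttpBinding": "Message"}

def audit_config(xml_text):
    """Return (endpoints, warnings) for a WCF client or host config."""
    sm = ET.fromstring(xml_text).find("system.serviceModel")
    endpoints, warnings = [], []
    for ep in sm.iter("endpoint"):
        kind, cfg = ep.get("binding"), ep.get("bindingConfiguration")
        sec = sm.find(f"bindings/{kind}/binding[@name='{cfg}']/security") if cfg else None
        mode = sec.get("mode") if sec is not None and sec.get("mode") else DEFAULT_MODE.get(kind, "unknown")
        msg = sec.find("message") if sec is not None else None
        cred = msg.get("clientCredentialType") if msg is not None else None
        endpoints.append((ep.get("name"), kind, mode, cred))
        if mode == "None" and ep.get("address", "").lower().startswith("http://"):
            warnings.append(f"{ep.get('name')}: no security over plain HTTP")
    log = sm.find("diagnostics/messageLogging")
    if log is not None and log.get("logMessagesAtServiceLevel", "false").lower() == "true":
        warnings.append("messageLogging: service-level logging stores decrypted messages")
    return endpoints, warnings

if __name__ == "__main__":
    for row in audit_config(SAMPLE_CONFIG)[0]:
        print(row)
```

The generated config above logs at transport level only, so with message security the logged body is the encrypted form; enabling logMessagesAtServiceLevel would write the decrypted messages to the .svclog file.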
 
Task 3: Delete the trace and message log files generated in the previous steps.
 
Task 4: Run the host and the client. Send a request from the client to the service by clicking the "Add" and "Get Data" buttons; trace and message log files will be generated. Open them in "Service Trace Viewer" and select the message and the generated XML; you will see the message encrypted as a cipher value, as below:

[Image: Message-Security-in-WCF.jpg]