Configure message ProtectionLevel in WCF

On to client and service security in WCF. In WCF you can set the protection level of messages sent over the wire at the service, operation, message and/or fault level. There are three ProtectionLevel values, set as a property of the corresponding attribute. The level you set becomes the minimum that every endpoint of the service must provide.

  • None
    The message travels as plain text over the wire.
  • Sign
    The message is digitally signed.
    Any modification to the message is detected.
    The message is still plain text.
  • EncryptAndSign
    The message is encrypted before it is signed.
    Any modification is detected and the contents are unreadable on the wire.

If, for instance, the EchoService is given a ProtectionLevel of EncryptAndSign at the ServiceContract level, an endpoint with BasicHttpBinding fails to start up. This is because BasicHttpBinding doesn’t support this protection level by default (it can be enabled).

using System;
using System.Collections.Generic;
using System.Net.Security;
using System.Runtime.Serialization;
using System.ServiceModel;

namespace WcfServiceLibrary.Echo
{
    // Minimal data contracts for the types the interface references. The
    // post does not show them, so these are assumed definitions.
    [DataContract]
    public class EchoMessage
    {
        [DataMember]
        public string Text { get; set; }
    }

    [DataContract]
    public class EchoFault
    {
        [DataMember]
        public string Reason { get; set; }
    }

    // EncryptAndSign on the ServiceContract applies to every operation and
    // fault of the contract; any endpoint binding must be able to provide it.
    [ServiceContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)]
    public interface IEchoService
    {
        [OperationContract(IsOneWay = true)]
        void RegisterClient(Guid guid);

        [FaultContract(typeof(EchoFault))]
        [OperationContract]
        EchoMessage Echo(EchoMessage message);

        [OperationContract]
        List<EchoMessage> GetAllEchos();
    }
}

Using this protection level with a BasicHttpBinding endpoint results in an exception on the host.

System.InvalidOperationException: The request message must be protected. This is required by an operation of the contract [..]. The protection must be provided by the binding [..].

However, if we change the endpoint binding to, for instance, wsHttpBinding, the service runs fine, because WSHttpBinding supports the EncryptAndSign protection level by default.
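To see the check in action, here is an added host-side example (not code from the original post) that opens the IEchoService contract above with each binding in turn and reports whether the binding satisfies the contract's protection level. It assumes a hypothetical EchoService implementation, that EchoMessage is a data contract in WcfServiceLibrary.Echo, and that the process is allowed to register the localhost HTTP addresses.

```csharp
using System;
using System.Collections.Generic;
using System.ServiceModel;
using System.ServiceModel.Channels;
using WcfServiceLibrary.Echo; // the IEchoService contract shown above

// Hypothetical implementation of the contract, used only so it can be hosted.
public class EchoService : IEchoService
{
    public void RegisterClient(Guid guid) { }
    public EchoMessage Echo(EchoMessage message) => message;
    public List<EchoMessage> GetAllEchos() => new List<EchoMessage>();
}

class Program
{
    // Returns true when the host opens, i.e. the binding can provide the
    // EncryptAndSign level the contract demands.
    static bool TryHost(Binding binding, string address)
    {
        var host = new ServiceHost(typeof(EchoService), new Uri(address));
        try
        {
            host.AddServiceEndpoint(typeof(IEchoService), binding, "");
            host.Open(); // WCF validates contract protection against the binding here
            Console.WriteLine($"{binding.Name}: opened, binding satisfies EncryptAndSign");
            host.Close();
            return true;
        }
        catch (InvalidOperationException ex)
        {
            // Expected text: "The request message must be protected. ..."
            Console.WriteLine($"{binding.Name}: {ex.Message}");
            host.Abort();
            return false;
        }
    }

    static void Main()
    {
        // BasicHttpBinding defaults to BasicHttpSecurityMode.None: nothing is
        // signed or encrypted, so the host refuses to start.
        TryHost(new BasicHttpBinding(), "http://localhost:8000/echo");

        // WSHttpBinding defaults to message security (WS-Security with Windows
        // credentials), which signs and encrypts the message, so it opens.
        TryHost(new WSHttpBinding(), "http://localhost:8001/echo");
    }
}
```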
