Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Defines authentication settings for the HTTP transport.
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding>
<security>
<transport>
XML
<wsHttpBinding>
<binding>
<security mode="None|Transport|TransportWithMessageCredential|TransportCredentialOnly">
<transport clientCredentialType="Basic|Certificate|Digest|None|Ntlm|Windows"
proxyCredentialType="Basic|Digest|None|Ntlm|Windows"
realm="string">
<extendedProtectionPolicy policyEnforcement="Never|WhenSupported|Always"
protectionScenario="TransportSelected|TrustedProxy">
<customServiceNames>
</customServiceNames>
</extendedProtectionPolicy>
</transport>
</security>
</binding>
</wsHttpBinding>
The following sections describe attributes, child elements, and parent elements.
| Attribute | Description |
|---|---|
clientCredentialType |
Specifies the credential used to authenticate the client to the service. This attribute is of type HttpClientCredentialType. |
proxyCredentialType |
Specifies the credential used to authenticate the client to a domain proxy. This attribute is of type HttpProxyCredentialType. |
realm |
A string that specifies the authentication realm for digest or basic authentication. The default is an empty string. An authentication realm specifies at least the name of the host that performs the authentication. It can also specify a collection of users that has access. A user can query the authentication realm to ascertain which one of the several possible usernames and passwords can be used. |
policyEnforcement |
This enumeration specifies when the ExtendedProtectionPolicy should be enforced. 1. Never – The policy is never enforced (Extended Protection is disabled). 2. WhenSupported – The policy is enforced only if the client supports Extended Protection. 3. Always – The policy is always enforced. Clients which don’t support Extended Protection will fail to authenticate. |
| Value | Description |
|---|---|
None |
Security is disabled. |
Basic |
Uses basic authentication. |
Digest |
Uses digest authentication. |
Ntlm |
Uses NTLM authentication as a fallback with a Windows domain. |
Windows |
Uses integrated Windows authentication. |
Certificate |
Uses X.509 certificates to authenticate the client. |
| Value | Description |
|---|---|
None |
Security is disabled. |
Basic |
Uses basic authentication. |
Digest |
Uses digest authentication. |
Ntlm |
Uses NTLM as a fallback with a Windows domain. |
Windows |
Uses integrated Windows authentication. |
Certificate |
Uses X.509 certificates to authenticate the client. |
None.
| Element | Description |
|---|---|
| <security> | Represents the security capabilities of the <wsHttpBinding>. |
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
.NET feedback
.NET is an open source project. Select a link to provide feedback: