stackoom
  简体   繁体   中英

In WCF, when should we use TransportCredentialOnly security mode?

 原文  2017-12-03 14:28:08       c#/ asp.net/ wcf

Question

I know TransportCredentialOnly security mode is not secure. The TransportCredentialOnly security mode option passes the user credentials without encrypting. It is really confusing me, when should we use this security mode in BasicHttpBinding ??

1 answers

solution1
 0  2018-03-09 10:22:46

TransportCredentialOnly can be useful if the transport security is provided at a lower level than HTTPS (eg using IPSec) (ref: https://msdn.microsoft.com/en-gb/library/ff648505.aspx )

This might be the case if you're using a load balancer to provide HTTPS to the clients, but using HTTP between the load balancer and your backend servers. You could use TransportCredentialOnly on the service bindings and Transport on the client bindings.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Create a custom IIdentity in WCF REST when binding security is TransportCredentialOnly Using Both HTTP and HTTPS in same WCF Binding - Changing <security mode=“Transport”> to <security mode=“TransportCredentialOnly”> In Code Which WCF security mode to use Error when change security mode in wcf service WCF Security Mode TransportWithMessageCredential What's the best WCF security mode when SSL is not an option WCF easiest security mode to implement WCF - when should i use netTcpBinding When should we use public and when private? When, if ever, should we use const?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM