<transport> of <netTcpBinding>
Defines the type of message-level security requirements for an endpoint configured with the <netTcpBinding>.
<configuration>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding>
<security>
<transport>
Syntax
```xml
<netTcpBinding>
  <binding>
    <security mode="None|Transport|Message|TransportWithMessageCredential">
      <transport clientCredentialType="None|Windows|Certificate"
                 protectionLevel="None|Sign|EncryptAndSign"
                 sslProtocols="Tls|Tls11|Tls12">
        <extendedProtectionPolicy policyEnforcement="Never|WhenSupported|Always"
                                  protectionScenario="TransportSelected|TrustedProxy">
          <customServiceNames>
          </customServiceNames>
        </extendedProtectionPolicy>
      </transport>
    </security>
  </binding>
</netTcpBinding>
```
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
clientCredentialType | Optional. Specifies the type of credential to be used when performing client authentication using Transport security. The default value is Windows. This attribute is of type TcpClientCredentialType. |
protectionLevel | Optional. Defines security at the level of the TCP transport. Signing messages mitigates the risk of a third party tampering with the message while it is being transferred. Encryption provides data-level privacy during transport. The default value is EncryptAndSign. |
sslProtocols | An SslProtocols enum flag value that specifies which SslProtocols are supported. The default is Tls|Tls11|Tls12. |
policyEnforcement | This enumeration specifies when the ExtendedProtectionPolicy should be enforced. 1. Never – The policy is never enforced (Extended Protection is disabled). 2. WhenSupported – The policy is enforced only if the client supports Extended Protection. 3. Always – The policy is always enforced. Clients which don’t support Extended Protection will fail to authenticate. |
clientCredentialType Attribute
Value | Description |
---|---|
None | The client is anonymous. This requires a certificate for the service. |
Windows | Specifies Windows authentication of the client using SP Negotiation (Kerberos negotiation). |
Certificate | The client is authenticated using a certificate. This uses SSL Negotiation and requires a certificate for the service. |
protectionLevel Attribute
Value | Description |
---|---|
None | No protection. |
Sign | Messages are signed. |
EncryptAndSign | Messages are encrypted and signed. |
Child Elements
None
Parent Elements
Element | Description |
---|---|
<security> | Specifies the security capabilities of the <netTcpBinding>. |
Remarks
Use Transport security for integrity and confidentiality of the SOAP message and for mutual authentication. If this security mode is selected on a binding, the channel stack is configured using a secure transport and the SOAP messages are secured using transport security such as Windows (Negotiate) or SSL over TCP.
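The attribute defaults described above can be turned into a configuration review check. The following is an added example, not part of the original documentation: a Python script that resolves the effective `<transport>` settings of each `netTcpBinding` and reports weak ones. The sample configuration, the `audit` function name and the finding texts are constructed for illustration; the defaults for `mode` (Transport) and `policyEnforcement` (Never) are WCF defaults not stated on this page.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample config (not from the page): weak, hardened and unsecured bindings.
SAMPLE = """<configuration><system.serviceModel><bindings><netTcpBinding>
  <binding name="legacy"><security mode="Transport">
      <transport clientCredentialType="Certificate" protectionLevel="Sign" />
  </security></binding>
  <binding name="hardened"><security mode="Transport">
      <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign">
        <extendedProtectionPolicy policyEnforcement="Always" />
      </transport>
  </security></binding>
  <binding name="open"><security mode="None" /></binding>
</netTcpBinding></bindings></system.serviceModel></configuration>"""

def audit(config_xml):
    """Return (binding name, finding) pairs for weak netTcpBinding transport settings."""
    findings = []
    for b in ET.fromstring(config_xml).findall(".//netTcpBinding/binding"):
        name = b.get("name", "(default)")
        sec = b.find("security")
        # Absent <security> or mode means Transport (WCF default, not stated on the page).
        mode = sec.get("mode", "Transport") if sec is not None else "Transport"
        if mode == "None":
            findings.append((name, "security mode None: no transport protection"))
        if mode in ("None", "Message"):
            continue  # <transport> settings are not in effect
        t = sec.find("transport") if sec is not None else None
        attr = lambda k, d: t.get(k, d) if t is not None else d
        cred = attr("clientCredentialType", "Windows")     # default per the page
        level = attr("protectionLevel", "EncryptAndSign")  # default per the page
        if level != "EncryptAndSign":
            findings.append((name, f"protectionLevel {level}: traffic not encrypted"))
        if cred in ("None", "Certificate"):  # SSL negotiation is used
            allowed = re.split(r"[|,\s]+", attr("sslProtocols", "Tls|Tls11|Tls12"))
            old = sorted(set(allowed) & {"Tls", "Tls11"})
            if old:
                findings.append((name, "sslProtocols allows " + "|".join(old)))
        else:  # Windows credentials: Extended Protection applies
            epp = t.find("extendedProtectionPolicy") if t is not None else None
            # Absent element or attribute means Never (WCF default, not on the page).
            if epp is None or epp.get("policyEnforcement", "Never") == "Never":
                findings.append((name, "Extended Protection disabled"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(f"{name}: {finding}")
```

The `legacy` binding is reported twice: once for `protectionLevel="Sign"` and once because it omits `sslProtocols` and so inherits the default, which still allows Tls and Tls11.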