Windows Communication Framework (WCF) — Eliminating Principals on Endpoints (Part II)
A few days ago I made a post about eliminating security when using WCF. There are plenty of reasons to do this in a particular environment — for me, I handle authentication and authorization at a different level, and I don’t want to rely on an AD server or might not be running code in a domain with Kerberos authentication. Here are the steps I ended up taking:
Firstly, my published service’s app.config:
<bindings>
<netTcpBinding>
<binding name="PCFComms" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="23:59:59" sendTimeout="00:01:00">
<reliableSession ordered="true" inactivityTimeout="23:59:59"
enabled="false" />
<security mode="None">
<transport clientCredentialType="None" />
<message clientCredentialType="None" />
</security>
</binding>
</netTcpBinding>
</bindings>
I use Visual Studio’s built in service proxy creator, which gives me this:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="PCFComms" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="23:59:59" sendTimeout="00:01:00" transactionFlow="false"
transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="23:59:59"
enabled="false" />
<security mode="None">
<transport clientCredentialType="None" />
<message clientCredentialType="None" />
</security>
</binding>
</netTcpBinding>
<wsDualHttpBinding>
<binding name="HttpBinding" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="23:59:59" />
<security mode="None">
<message clientCredentialType="None" negotiateServiceCredential="false" />
</security>
</binding>
</wsDualHttpBinding>
</bindings>
<client>
<endpoint address="net.tcp://10.10.8.192:8700/PCFComms/service"
binding="netTcpBinding" bindingConfiguration="PCFComms"
contract="PCFCommsGateway.PCFCommsService" name="PCFComms" />
<endpoint address="http://10.10.8.192:8701/PCFComms/service"
binding="wsDualHttpBinding" bindingConfiguration="HttpBinding"
contract="PCFCommsGateway.PCFCommsService" name="HttpBinding" />
</client>
</system.serviceModel>
</configuration>
but I instantiate an instance of the service manually:
// Create an instance of the NetTcpBinding and set the
// security mode to none.
NetTcpBinding myBinding = new NetTcpBinding();
myBinding.Security.Mode = SecurityMode.None;
// Create the address string, or get it from configuration.
string tcpUri = "net.tcp://10.10.8.192:8700/PCFComms/";
// Create an endpoint address with the address.
EndpointAddress myEndpointAddress = new EndpointAddress(tcpUri);
// Create an instance of the WCF client.
PCFComms = new PCFCommsGateway.PCFCommsServiceClient(new InstanceContext(this), myBinding, myEndpointAddress);
PCFComms.Open();
