HowTo: disable WCF security

HowTo: disable WCF security

am 16.04.2008 20:24:00 von herbert

Question 1: How do I turn off WCF security to get my apps out the door quickly?
Question 2: Where can I find a step by step article/flowchart how to
configure WCF security (the WCF books miss this point)?

Background:
I have a WCF client / WCF host pair running fine on the same machine.
Metadata is offered both via basicHttp and netTcp.
Services are offered via netTcp.

When distributing the WCF client on the intranet, everybody (my fellow
programmers) can access the Metadata and "Add Service Reference" to their
client apps. However nobody can then access the services.
The error message/exception on the client is something like "host rejected"
without further info.

The WCF host runs under administrator, firewall etc. disabled.

WinXP on all computers.

Since the WCF host does not provide anything secret I'd like to turn off all
security checks on the WCF host altogether.

And the security chapters in the five+ WCF books in front of me give me lots
of lectures on security principles however no step by step guidance about how
to implement it.

thank you very much. herbert

Re: HowTo: disable WCF security

am 16.04.2008 21:59:22 von sloan

You can config do it via binding information:

Some examples:

Of course the key is "security mode"...This should be enough to google on at
least.











































Here is one: I'm not sure what Transport is offhand. I could probably put
"none" in here as well.





hostNameComparisonMode="StrongWildcard"

maxBufferSize="1000000"

maxConnections="255"

maxReceivedMessageSize="1000000"

receiveTimeout="00:59:00"

transactionFlow="false">











Then your end point needs to associate the binding:

example:



address = "http://localhost:8001/ZebraControllerFascade"

binding = "wsHttpBinding" bindingConfiguration="WSHttpBindingName1"

contract =
"MeasInc.Applications.ScoringCenter.Interfaces.Zebra.Control lers.IZebraController"
>







"herbert" wrote in message
news:A2E38213-1171-4DA1-8FAF-BC7D4DE33857@microsoft.com...
> Question 1: How do I turn off WCF security to get my apps out the door
> quickly?
> Question 2: Where can I find a step by step article/flowchart how to
> configure WCF security (the WCF books miss this point)?
>
> Background:
> I have a WCF client / WCF host pair running fine on the same machine.
> Metadata is offered both via basicHttp and netTcp.
> Services are offered via netTcp.
>
> When distributing the WCF client on the intranet, everybody (my fellow
> programmers) can access the Metadata and "Add Service Reference" to their
> client apps. However nobody can then access the services.
> The error message/exception on the client is something like "host
> rejected"
> without further info.
>
> The WCF host runs under administrator, firewall etc. disabled.
>
> WinXP on all computers.
>
> Since the WCF host does not provide anything secret I'd like to turn off
> all
> security checks on the WCF host altogether.
>
> And the security chapters in the five+ WCF books in front of me give me
> lots
> of lectures on security principles however no step by step guidance about
> how
> to implement it.
>
> thank you very much. herbert