how to make a WCF Service that is only HTTP as also HTTPS without creating new or breaking existing clients












1















I have a WCF Service that is using basicHttpBinding. That is exposed as HTTP to many clients.



Now our requirement is to expose this service as HTTPS to few new clients while we shouldn't break existing clients that consume over http.



I came across detecting the type of security programmatically and then expose, but is there any other better and easy way for me to do that? Just with the endpoints configuration etc?



I am fairly new to these areas, please help with an example










share|improve this question























  • Create a different endpoint and behavior for httpsEndpoint

    – mahlatse
    Nov 21 '18 at 11:47











  • try to create another endpoint using Transport security and assign a http and https base address in IIS.

    – Abraham Qian
    Nov 23 '18 at 3:19
















1















I have a WCF Service that is using basicHttpBinding. That is exposed as HTTP to many clients.



Now our requirement is to expose this service as HTTPS to few new clients while we shouldn't break existing clients that consume over http.



I came across detecting the type of security programmatically and then expose, but is there any other better and easy way for me to do that? Just with the endpoints configuration etc?



I am fairly new to these areas, please help with an example










share|improve this question























  • Create a different endpoint and behavior for httpsEndpoint

    – mahlatse
    Nov 21 '18 at 11:47











  • try to create another endpoint using Transport security and assign a http and https base address in IIS.

    – Abraham Qian
    Nov 23 '18 at 3:19














1












1








1








I have a WCF Service that is using basicHttpBinding. That is exposed as HTTP to many clients.



Now our requirement is to expose this service as HTTPS to few new clients while we shouldn't break existing clients that consume over http.



I came across detecting the type of security programmatically and then expose, but is there any other better and easy way for me to do that? Just with the endpoints configuration etc?



I am fairly new to these areas, please help with an example










share|improve this question














I have a WCF Service that is using basicHttpBinding. That is exposed as HTTP to many clients.



Now our requirement is to expose this service as HTTPS to few new clients while we shouldn't break existing clients that consume over http.



I came across detecting the type of security programmatically and then expose, but is there any other better and easy way for me to do that? Just with the endpoints configuration etc?



I am fairly new to these areas, please help with an example







c# .net wcf https wcf-security






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 21 '18 at 11:00









LearnerLearner

1,98793784




1,98793784













  • Create a different endpoint and behavior for httpsEndpoint

    – mahlatse
    Nov 21 '18 at 11:47











  • try to create another endpoint using Transport security and assign a http and https base address in IIS.

    – Abraham Qian
    Nov 23 '18 at 3:19



















  • Create a different endpoint and behavior for httpsEndpoint

    – mahlatse
    Nov 21 '18 at 11:47











  • try to create another endpoint using Transport security and assign a http and https base address in IIS.

    – Abraham Qian
    Nov 23 '18 at 3:19

















Create a different endpoint and behavior for httpsEndpoint

– mahlatse
Nov 21 '18 at 11:47





Create a different endpoint and behavior for httpsEndpoint

– mahlatse
Nov 21 '18 at 11:47













try to create another endpoint using Transport security and assign a http and https base address in IIS.

– Abraham Qian
Nov 23 '18 at 3:19





try to create another endpoint using Transport security and assign a http and https base address in IIS.

– Abraham Qian
Nov 23 '18 at 3:19












1 Answer
1






active

oldest

votes


















0














Yes there is a better solution as you mentioned with configuration which I have done two days ago for some our services.



Add basicHttpBinding like below:



<basicHttpBinding>
<binding allowCookies="true" openTimeout="00:00:10" maxReceivedMessageSize="20000000">
<readerQuotas maxDepth="32" maxArrayLength="200000000" maxStringContentLength="200000000" />
<security mode="None" />
</binding>
<binding name="secureBasicHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>


and service end point:



<service  name="ServiceName">
<endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<host>
<baseAddresses>
<add baseAddress="http://localhost/Service.svc"/>
</baseAddresses>
</host>
</service>


and in IIS you just need add valid certificate and enable it, https use secureBasicHttpBinding and http use default basic httpConfiguration.



I have tested it before an now some client using that service in https some other are using http.



Tip:



In local mode there is error while hosting WCF services by above config so I came to this conclusion to put that config in release mode not in debug mode, because the https is enable on working server.



so in release config have something like (to be transferred after publishing):



<service  name="ServiceName" xdt:Locator="Match(name)" xdt:Transform="Replace">
<endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<host>
<baseAddresses>
<add baseAddress="http://localhost/AAA/Service.svc"/>
</baseAddresses>
</host>
</service>





share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53410664%2fhow-to-make-a-wcf-service-that-is-only-http-as-also-https-without-creating-new-o%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Yes there is a better solution as you mentioned with configuration which I have done two days ago for some our services.



    Add basicHttpBinding like below:



    <basicHttpBinding>
    <binding allowCookies="true" openTimeout="00:00:10" maxReceivedMessageSize="20000000">
    <readerQuotas maxDepth="32" maxArrayLength="200000000" maxStringContentLength="200000000" />
    <security mode="None" />
    </binding>
    <binding name="secureBasicHttpBinding">
    <security mode="Transport">
    <transport clientCredentialType="None"/>
    </security>
    </binding>
    </basicHttpBinding>


    and service end point:



    <service  name="ServiceName">
    <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
    <identity>
    <dns value="localhost"/>
    </identity>
    </endpoint>
    <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
    <identity>
    <dns value="localhost" />
    </identity>
    </endpoint>
    <host>
    <baseAddresses>
    <add baseAddress="http://localhost/Service.svc"/>
    </baseAddresses>
    </host>
    </service>


    and in IIS you just need add valid certificate and enable it, https use secureBasicHttpBinding and http use default basic httpConfiguration.



    I have tested it before an now some client using that service in https some other are using http.



    Tip:



    In local mode there is error while hosting WCF services by above config so I came to this conclusion to put that config in release mode not in debug mode, because the https is enable on working server.



    so in release config have something like (to be transferred after publishing):



    <service  name="ServiceName" xdt:Locator="Match(name)" xdt:Transform="Replace">
    <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
    <identity>
    <dns value="localhost"/>
    </identity>
    </endpoint>
    <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
    <identity>
    <dns value="localhost" />
    </identity>
    </endpoint>
    <host>
    <baseAddresses>
    <add baseAddress="http://localhost/AAA/Service.svc"/>
    </baseAddresses>
    </host>
    </service>





    share|improve this answer




























      0














      Yes there is a better solution as you mentioned with configuration which I have done two days ago for some our services.



      Add basicHttpBinding like below:



      <basicHttpBinding>
      <binding allowCookies="true" openTimeout="00:00:10" maxReceivedMessageSize="20000000">
      <readerQuotas maxDepth="32" maxArrayLength="200000000" maxStringContentLength="200000000" />
      <security mode="None" />
      </binding>
      <binding name="secureBasicHttpBinding">
      <security mode="Transport">
      <transport clientCredentialType="None"/>
      </security>
      </binding>
      </basicHttpBinding>


      and service end point:



      <service  name="ServiceName">
      <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
      <identity>
      <dns value="localhost"/>
      </identity>
      </endpoint>
      <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
      <identity>
      <dns value="localhost" />
      </identity>
      </endpoint>
      <host>
      <baseAddresses>
      <add baseAddress="http://localhost/Service.svc"/>
      </baseAddresses>
      </host>
      </service>


      and in IIS you just need add valid certificate and enable it, https use secureBasicHttpBinding and http use default basic httpConfiguration.



      I have tested it before an now some client using that service in https some other are using http.



      Tip:



      In local mode there is error while hosting WCF services by above config so I came to this conclusion to put that config in release mode not in debug mode, because the https is enable on working server.



      so in release config have something like (to be transferred after publishing):



      <service  name="ServiceName" xdt:Locator="Match(name)" xdt:Transform="Replace">
      <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
      <identity>
      <dns value="localhost"/>
      </identity>
      </endpoint>
      <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
      <identity>
      <dns value="localhost" />
      </identity>
      </endpoint>
      <host>
      <baseAddresses>
      <add baseAddress="http://localhost/AAA/Service.svc"/>
      </baseAddresses>
      </host>
      </service>





      share|improve this answer


























        0












        0








        0







        Yes there is a better solution as you mentioned with configuration which I have done two days ago for some our services.



        Add basicHttpBinding like below:



        <basicHttpBinding>
        <binding allowCookies="true" openTimeout="00:00:10" maxReceivedMessageSize="20000000">
        <readerQuotas maxDepth="32" maxArrayLength="200000000" maxStringContentLength="200000000" />
        <security mode="None" />
        </binding>
        <binding name="secureBasicHttpBinding">
        <security mode="Transport">
        <transport clientCredentialType="None"/>
        </security>
        </binding>
        </basicHttpBinding>


        and service end point:



        <service  name="ServiceName">
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
        <identity>
        <dns value="localhost"/>
        </identity>
        </endpoint>
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
        <identity>
        <dns value="localhost" />
        </identity>
        </endpoint>
        <host>
        <baseAddresses>
        <add baseAddress="http://localhost/Service.svc"/>
        </baseAddresses>
        </host>
        </service>


        and in IIS you just need add valid certificate and enable it, https use secureBasicHttpBinding and http use default basic httpConfiguration.



        I have tested it before an now some client using that service in https some other are using http.



        Tip:



        In local mode there is error while hosting WCF services by above config so I came to this conclusion to put that config in release mode not in debug mode, because the https is enable on working server.



        so in release config have something like (to be transferred after publishing):



        <service  name="ServiceName" xdt:Locator="Match(name)" xdt:Transform="Replace">
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
        <identity>
        <dns value="localhost"/>
        </identity>
        </endpoint>
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
        <identity>
        <dns value="localhost" />
        </identity>
        </endpoint>
        <host>
        <baseAddresses>
        <add baseAddress="http://localhost/AAA/Service.svc"/>
        </baseAddresses>
        </host>
        </service>





        share|improve this answer













        Yes there is a better solution as you mentioned with configuration which I have done two days ago for some our services.



        Add basicHttpBinding like below:



        <basicHttpBinding>
        <binding allowCookies="true" openTimeout="00:00:10" maxReceivedMessageSize="20000000">
        <readerQuotas maxDepth="32" maxArrayLength="200000000" maxStringContentLength="200000000" />
        <security mode="None" />
        </binding>
        <binding name="secureBasicHttpBinding">
        <security mode="Transport">
        <transport clientCredentialType="None"/>
        </security>
        </binding>
        </basicHttpBinding>


        and service end point:



        <service  name="ServiceName">
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
        <identity>
        <dns value="localhost"/>
        </identity>
        </endpoint>
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
        <identity>
        <dns value="localhost" />
        </identity>
        </endpoint>
        <host>
        <baseAddresses>
        <add baseAddress="http://localhost/Service.svc"/>
        </baseAddresses>
        </host>
        </service>


        and in IIS you just need add valid certificate and enable it, https use secureBasicHttpBinding and http use default basic httpConfiguration.



        I have tested it before an now some client using that service in https some other are using http.



        Tip:



        In local mode there is error while hosting WCF services by above config so I came to this conclusion to put that config in release mode not in debug mode, because the https is enable on working server.



        so in release config have something like (to be transferred after publishing):



        <service  name="ServiceName" xdt:Locator="Match(name)" xdt:Transform="Replace">
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler">
        <identity>
        <dns value="localhost"/>
        </identity>
        </endpoint>
        <endpoint address="rest" behaviorConfiguration="Rest.Behavior" binding="webHttpBinding" bindingConfiguration="secureBasicHttpBinding" contract="your service contract">
        <identity>
        <dns value="localhost" />
        </identity>
        </endpoint>
        <host>
        <baseAddresses>
        <add baseAddress="http://localhost/AAA/Service.svc"/>
        </baseAddresses>
        </host>
        </service>






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 21 '18 at 14:36









        AriaAria

        2,7601935




        2,7601935
































            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53410664%2fhow-to-make-a-wcf-service-that-is-only-http-as-also-https-without-creating-new-o%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            How to change which sound is reproduced for terminal bell?

            Can I use Tabulator js library in my java Spring + Thymeleaf project?

            Title Spacing in Bjornstrup Chapter, Removing Chapter Number From Contents