how to enable WCF Session with wsHttpBidning with Transport only Security

Asked 16/4, 2010 at 5:5 Answered 24/4, 2013 at 6:10

.net wcf wcf-security wshttpbinding wcf-sessions

I have a WCF Service currently deployed with basicHttpBindings and SSL enabled. But now i need to enable wcf sessions(not asp sessions) so i moved service to wsHttpBidnings but sessions are not enabled

I have set

[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerSession)]

But when i set

SessionMode=SessionMode.Required

on service contract it says

Contract requires Session, but Binding 'WSHttpBinding' doesn't support it or isn't configured properly to support it.

following is the definition of WSHttpBinding

<wsHttpBinding>
    <binding name="wsHttpBinding">
      <readerQuotas maxStringContentLength="10240" />
      <reliableSession enabled="false" />
      <security mode="Transport">
        <transport clientCredentialType="None">
          <extendedProtectionPolicy policyEnforcement="Never" />
        </transport>
      </security>
    </binding>
  </wsHttpBinding>

please help me with this

Mesocarp answered 16/4, 2010 at 5:5 Comment(0)

If you want "sessions" with wsHttpBinding, you have to use either reliable messaging, or the security sessions.

To enable sessions on wsHttpBinding, you need reliable messaging, and for that, you need to change the setting for reliable session (the tag that looks like this <reliableSession/>) to be enabled - so your new config would look like this:

<wsHttpBinding>
    <binding name="wsHttpBinding">
      <readerQuotas maxStringContentLength="10240" />
      <reliableSession enabled="true" />
      <security mode="Transport">
        <transport clientCredentialType="None">
          <extendedProtectionPolicy policyEnforcement="Never" />
        </transport>
      </security>
    </binding>
  </wsHttpBinding>

Byrne answered 16/4, 2010 at 5:55 Comment(5)

I have tried this before but it throws exception that says "No base address found with http scheme bla bla and reliableSessions are not support with https scheme bla bla" – Mesocarp 16/4, 2010 at 7:22

What can I do if I want to use sessions but I can't do as you suggested since my client is AJAX? since AJAX doesn't support the security context. – Overliberal 6/12, 2012 at 14:46

This answer is incorrect. Reliable Sessions(<reliableSession enabled="true"/>) cannot be used with SSL (<security mode="Transport"/>). – Secularity 24/5, 2013 at 14:59

when i try to use your solution it throws an other exception about not finding HTTPs base address? – Sacerdotal 30/9, 2014 at 14:14

What is " the security sessions" referring to? What is that? – Stayathome 2/3, 2019 at 1:11

-1

well make <security mode="None"> then the "Https expected instead of HTTP error will be fixed.

Rotberg answered 19/6, 2012 at 8:28 Comment(0)

-1

go to your IIS host and Right Click on your Application and choose MangeApplication and Advanced Settings and in Enabled Protocols add "wsHttpBinding".

Podiatry answered 24/4, 2013 at 6:10 Comment(0)

Recommended topics

Hot tags