To understand this binding, you need to understand Federations and Realms. A Realm is a single unit of security administration or trust, such as a domain. A Federation is a collection of Realms that have an established trust. This level of trust can differ, but at the least it would include authentication.
A few years ago, Microsoft got together with IBM, BEA, RSA Security, and VeriSign and held a meeting to define a mechanism that lets different security realms federate by allowing and brokering trust of identities, attributes, and authentication between web services.
The result of this meeting is the WS-Federation specification and protocol, which is designed to be a building block used in conjunction with other web service technology to provide and support a wide variety of security models.
The WSFederationHttpBinding, therefore, is a secure, interoperable binding that supports the WS-Federation protocol. The goal of this binding is to give organizations within a federation a mechanism to authenticate users easily and efficiently.
WSFederationHttpBinding Properties
The following table lists the attributes, with their descriptions, that are available on the WSFederationHttpBinding.
Attribute | Description |
---|---|
bypassProxyOnLocal | Boolean value, default of False, which specifies whether or not to bypass the proxy server for local Internet resources. |
closeTimeout | A time interval value, which must be greater than zero, that specifies the amount of time for a close operation to complete. The default value is 1 minute (00:01:00). |
hostnameComparisonMode | Specifies the HTTP hostname comparison mode used to parse URIs. Acceptable values are Exact, StrongWildCard, and WeakWildCard. The default value is StrongWildCard. |
maxBufferPoolSize | Specifies the maximum buffer size for a buffer pool, which stores messages processed by the binding. This is an integer value with a default of 512*1024, or 524288. |
maxReceivedMessageSize | Specifies the maximum size of a message, including headers. The number is specified in bytes with a default value of 65536. If a message is larger than the value specified, the sender receives a SOAP fault message and the receiver drops the message and creates an event in the trace log. |
messageEncoding | Defines the type of encoding used to encode the message. Acceptable values are Text (text encoding) and Mtom (Message Transmission Optimization Mechanism 1.0 encoder). Default is Text. |
name | A unique string value that contains the configuration name of the binding. |
openTimeout | A time interval value that specifies the amount of time an open operation has to complete. Value should be greater than zero. Default is 1 minute (00:01:00). |
privacyNoticeAt | A string value that specifies the URI where the privacy notice is located. |
privacyNoticeVersion | An integer value that specifies the version of the current privacy notice. |
proxyAddress | Used in conjunction with the useDefaultWebProxy attribute. This attribute is a URI that specifies the address of the HTTP proxy. If the useDefaultWebProxy attribute is set to True, this value must be null. |
receiveTimeout | A time interval value that specifies the amount of time a receive operation has to complete. Value should be greater than zero. Default is 1 minute (00:01:00). |
sendTimeout | A time interval value that specifies the amount of time a send operation has to complete. Value should be greater than zero. Default is 1 minute (00:01:00). |
textEncoding | Specifies the character encoding set. Acceptable values are UnicodeFffeTextEncoding, Utf16TextEncoding, and Utf8TextEncoding. Default is Utf8TextEncoding. This value is used for emitting binding messages. |
transactionFlow | Boolean value, default of False, which specifies whether the binding supports flowing WS-Transactions. |
useDefaultWebProxy | Boolean value, default of True, which specifies whether the autoconfigured HTTP proxy should be used if one exists. |
The following example illustrates some of the properties being configured in a configuration file:
```xml
<system.serviceModel>
  <bindings>
    <wsFederationHttpBinding>
      <!-- Attribute names are case-sensitive; messageEncoding accepts Text or Mtom -->
      <binding name="wsfedhttpbind"
               privacyNoticeAt="http://localhost:8080/privacynotice"
               privacyNoticeVersion="1"
               messageEncoding="Text"
               receiveTimeout="00:00:30">
      </binding>
    </wsFederationHttpBinding>
  </bindings>
</system.serviceModel>
```
The same can be done through code, as illustrated here:
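```csharp
using System;
using System.ServiceModel;

WSFederationHttpBinding wsfb = new WSFederationHttpBinding();
wsfb.PrivacyNoticeAt = new Uri("http://localhost:8080/privacynotice");
wsfb.PrivacyNoticeVersion = 1;
wsfb.MessageEncoding = WSMessageEncoding.Text;    // Text or Mtom
wsfb.ReceiveTimeout = TimeSpan.FromSeconds(30);   // same as 00:00:30 in configuration
```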
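The constraints in the attribute table above (case-sensitive names, the allowed messageEncoding and hostnameComparisonMode values, timeouts greater than zero, proxyAddress unset while useDefaultWebProxy is True) can be checked before a configuration file is deployed. The following Python lint is an added example, not code from the original text or from WCF; its function names, the sample binding and the proxy address are constructed, and it accepts only the hh:mm:ss timeout form shown on this page.

```python
import xml.etree.ElementTree as ET

# Rules transcribed from the attribute table on this page; names are case-sensitive.
ENUMS = {"hostnameComparisonMode": {"Exact", "StrongWildCard", "WeakWildCard"},
         "messageEncoding": {"Text", "Mtom"}}
BOOLS = {"bypassProxyOnLocal", "transactionFlow", "useDefaultWebProxy"}
TIMEOUTS = {"closeTimeout", "openTimeout", "receiveTimeout", "sendTimeout"}
INTS = {"maxBufferPoolSize", "maxReceivedMessageSize", "privacyNoticeVersion"}
FREE_FORM = {"name", "privacyNoticeAt", "proxyAddress", "textEncoding"}
KNOWN = set(ENUMS) | BOOLS | TIMEOUTS | INTS | FREE_FORM

def seconds(value):  # hh:mm:ss only; raises ValueError for any other shape
    h, m, s = (int(part) for part in value.split(":"))
    return h * 3600 + m * 60 + s

def check_value(key, value):
    """Return a problem description for one attribute, or None if it is acceptable."""
    if key not in KNOWN:
        hint = next((k for k in KNOWN if k.lower() == key.lower()), None)
        return "unknown attribute" + (f", did you mean {hint}?" if hint else "")
    if key in ENUMS and value not in ENUMS[key]:
        return f"'{value}' is not one of {sorted(ENUMS[key])}"
    if key in BOOLS and value.lower() not in ("true", "false"):
        return "must be true or false"
    if key in INTS and not value.isdigit():
        return "must be a non-negative integer"
    if key in TIMEOUTS:
        try:
            return None if seconds(value) > 0 else "must be greater than zero"
        except ValueError:
            return "must be an hh:mm:ss interval"

def lint_bindings(xml_text):
    """Return 'attribute: problem' findings for each wsFederationHttpBinding binding."""
    findings = []
    for binding in ET.fromstring(xml_text).iterfind(".//wsFederationHttpBinding/binding"):
        attrs = binding.attrib
        findings += [f"{k}: {p}" for k, v in attrs.items() if (p := check_value(k, v))]
        # Table rule: proxyAddress must be null while useDefaultWebProxy is True (the default).
        if "proxyAddress" in attrs and attrs.get("useDefaultWebProxy", "true").lower() == "true":
            findings.append("proxyAddress: must be unset while useDefaultWebProxy is true")
    return findings

# Constructed sample with deliberate mistakes (not taken from a real deployment).
SAMPLE = """<system.serviceModel><bindings><wsFederationHttpBinding>
  <binding name="wsfedhttpbind" privacynoticeat="http://localhost:8080/privacynotice"
           messageEncoding="utf8textencoding" receiveTimeout="00:00:00"
           proxyAddress="http://localhost:3128" />
</wsFederationHttpBinding></bindings></system.serviceModel>"""
```

Calling `lint_bindings(SAMPLE)` returns four findings: the mis-cased attribute, the invalid encoding value, the zero timeout, and the proxy address conflict.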