Hi!

I have a WCF service that runs over TCP with certificate security, like this:

<binding name="netTcpUserNameMessageSecurity" portSharingEnabled="True" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="10" maxReceivedMessageSize="2147483647">
    <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
    <reliableSession ordered="true" inactivityTimeout="infinite" enabled="false" />
    <security mode="TransportWithMessageCredential">
        <transport clientCredentialType="Windows" />
        <message clientCredentialType="UserName" />
    </security>
</binding>

When checking the log in TraceViewer I can see that the data is in clear XML (no encryption). Does the TraceViewer decrypt the data, or am I really sending all my data in clear XML even when I'm using certificate security?

Please note that I am running the service and the client on the same machine, and the log I am analyzing is from the service.

Best Regards

+1  A: 

You are using transport-level encryption, which happens outside WCF, so your message logging logs the message in plain text. If you use message-level encryption, then WCF will get the encrypted message from the transport channel and log it (encrypted); next it will process the message in the security channel and log it (decrypted). This logging can be controlled in the message logging configuration - logMessagesAtTransportLevel and logMessagesAtServiceLevel.

Ladislav Mrnka
Yes, LogMessageAtTransportLevel and logMessageAtServiceLevel seem to be a good place to start. But I have in fact tried these and the log is somewhat strange, so we have tested Wireshark, and with this tool we can see when the communication is encoded and when it is not.
SnowJim
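
The two logging switches named in the answer, shown in context as an added configuration example (not part of the original thread). The log file path and the size limits are assumed values.

```xml
<configuration>
  <system.serviceModel>
    <diagnostics>
      <!-- logMessagesAtTransportLevel: the message as WCF receives it from the
           transport channel. With transport-level encryption the protection is
           removed before WCF sees the message, so this entry is readable XML.
           With message-level encryption this entry holds the encrypted message. -->
      <!-- logMessagesAtServiceLevel: the message after the security channel has
           processed it, so this entry is decrypted in both cases. -->
      <messageLogging logEntireMessage="true"
                      logMalformedMessages="true"
                      logMessagesAtTransportLevel="true"
                      logMessagesAtServiceLevel="true"
                      maxMessagesToLog="500"
                      maxSizeOfMessageToLog="65536" />
    </diagnostics>
  </system.serviceModel>

  <system.diagnostics>
    <sources>
      <!-- Trace source that WCF message logging writes to. -->
      <source name="System.ServiceModel.MessageLogging">
        <listeners>
          <!-- Assumed path. The .svclog file contains message bodies in
               readable form, so restrict its ACL to the service account and
               the administrators who read it. -->
          <add name="messages"
               type="System.Diagnostics.XmlWriterTraceListener"
               initializeData="C:\logs\messages.svclog" />
        </listeners>
      </source>
    </sources>
  </system.diagnostics>
</configuration>
```

A readable entry in this log says nothing about what went over the wire; a packet capture of the connection, as in the comment above, is the check for that.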