Part 49 WCF bindings and the impact on message protection

http://bit.do/dQ2Ji Secret discount page at Wcfstorm.
Link for all dot net and sql server video tutorial playlists http://www.youtube.com/user/kudvenkat/playlists Link for slides, code samples and text version of the video http://csharp-video-tutorials.blogspot.com/2014/04/part-49-wcf-bindings-and-impact-on_15.html In this video we will discuss, what happens, if the binding does not provide security, and you have explicitly set ProtectionLevel other than None This is continuation to Part 48. Please watch Part 48 before proceeding. What happens if the binding does not provide security, and you have explicitly set ProtectionLevel other than None An exception will be thrown. For example, out of the box security is not enabled for basicHttpBinding. So, if you set ProtectionLevel other than None using the ProtectionLevel named parameter as shown below [ServiceContract] public interface IHelloService { [OperationContract(ProtectionLevel = ProtectionLevel.None)] string GetMessageWithoutAnyProtection(); [OperationContract(ProtectionLevel = ProtectionLevel.Sign)] string GetSignedMessage(); [OperationContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)] string GetSignedAndEncryptedMessage(); } and if you use basicHttpBinding in the config file [endpoint address="HelloService" binding="basicHttpBinding" contract="HelloService.IHelloService"/] The following exception will be be thrown Unhandled Exception: System.InvalidOperationException: The request message must be protected. This is required by an operation of the contract ('IHelloService','http://tempuri.org/'). The protection must be provided by the binding ('BasicHttpBinding','http://tempuri.org/'). In general ProtectionLevel parameter is used to enforce the minimum level of protection required. If the binding does not provide that minimum level of protection then an exception will be thrown.