This project is read-only.

HTTPS and self-hosting

Topics: Web Api
Nov 5, 2010 at 2:42 AM

I'm trying some security scenarios with HTTPS and self-hosting and I'm getting the following exception when trying to open the host:

    "Unhandled Exception: System.InvalidOperationException: The security capabilities of binding 'System.ServiceModel.Channels.CustomBinding' do not match those of the generated runtime object. Most likely this means the binding contains a     StreamSecurityBindingElement, but lacks a TransportBindingElement that supports Stream Security (such as TCP or Named Pipes). Either remove the unused StreamSecurityBindingElement or use a transport that supports this element."

I think that this is due to the following: the new channel listener (HttpMessageEncodingChannelListener) does not propagate the GetProperty queries to the inner channel. Due to this, the security property of the HTTPS transport channel is not visible.

I added the following to this channel listener and was able to sucessfully open the host.

    public override T GetProperty<T>(){

            var t = base.GetProperty<T>();

            return t ?? innerListener.GetProperty<T>();        


Am I right?



Ps. Once again, thanks for making the source available. I could never get around this without it.

Nov 6, 2010 at 3:31 AM

I found what seems to be another problem,

The new channel (that converts from a old Message into a new HttpMessage) also does not copy the MessageSecurityProperty when it creates the HttpMessage, meaning that the ServiceSecurityContext is not available at the operation.

I found this while trying to do a processor that extracts the identity information from the context and outputs it as an output argument, so that it can be bound to an operation argument.