How can I implement WS-Security at JQuery end?

Question

I followed this codeproject sample.
At the Consuming the Service Exposed with wsHttpBinding in JQuery section it's written that:

A service exposed with “wsHttpBinding” binding implements WS-Security of WS-* family of web service specifications. As the binding uses security, the request will be rejected. The service cannot be called without implementing WS-Security at JQuery end. So, in order to call the service method, we have to compromise with the security.

and they are implementing a Non-secure <wsHttpBinding> Endpoint.

But I want my <wsHttpBinding> will be <security mode="Message">,
This off-course doesn't works and returning the following error:

The message could not be processed. This is most likely because the action 'http://www.enghouse.com/CosmoCom/WebAdminAPIServiceLibrary/IQueue/GetAllQueues' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding.

If I will change this to <security mode="None"> it works perfectly.

So my question is how can I implement <security mode="Message">?
What I need to do?

Thanks!

Answer 1

Check out Ws.js. It is a JavaScript library that helps implement ws-security.

Personally I would only do this if I have to integrate a web client with an existing WCF service that I do not have the source code for. The overhead is too large to maintain the SOAP protocol and WCF security for a web client without any added benefit. If you control the source for this service I would provide a REST API for the web client using ASP.NET Web API and use SSL with HTTP basic security.