Set transport security on WCF binding using IEndpointBehavior?

Question

Is there a way to set the transport security normally specified in the config of a basicHttpBinding at runtime, possibly by implementing IEndpointBehavior?

Essentially take this:

<binding name="DfsAgentService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="1000000" maxBufferPoolSize="10000000" maxReceivedMessageSize="1000000" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
                <security mode="None"/><!--Transport-->   
            </binding>

And use this (or something else) instead:

namespace Endpoints {
    class DfsEndpoint : IEndpointBehavior{


        #region IEndpointBehavior Members

        void IEndpointBehavior.AddBindingParameters(ServiceEndpoint endpoint, System.ServiceModel.Channels.BindingParameterCollection bindingParameters) {
            throw new NotImplementedException();
        }

        void IEndpointBehavior.ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime) {
            throw new NotImplementedException();
        }

        void IEndpointBehavior.ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher) {
            throw new NotImplementedException();
        }

        void IEndpointBehavior.Validate(ServiceEndpoint endpoint) {
            throw new NotImplementedException();
        }

        #endregion
    }
}

Is it possible to change the security mode?

Answer 1

I don't think it is possible to do this via an endpoint behavior. Behaviors can't amend the binding configuration early enough.

Howver, it can be done in code a different way. The BasicHttpBinding has a constructor overload which allows the security mode to be specified:

BasicHttpBinding binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);

This has to be done before the service is started, and assumes you are creating the ServiceHost and Endpoints yourself.