Should I use basicHttpBinding or WsHttpBinding for creating a secure Java Client?

Question

I've spent hours today trying to get a very simple WCF Service and a Java Client to communicate with each other. I've only been successful on getting the Service and Client to communicate using a basicHttpBinding with no security enabled.

I would like to have the contents encrypted over the wire. I've tried using the basicHttpBinding config of this:

  <basicHttpBinding>
    <binding name="bindingConfig">
      <security mode="Transport">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </basicHttpBinding>

This now pretty much causes tons of problems because when my service is hosted on IIS I get certificate errors when trying to test the WCF service locally (VS2012 using WCF Test Client), browsing to the WSDL with any browser, and when using Svcutil/wsimport utilities to generate clients.

What I don't understand is when I was using WsHttpBinding and using Transport/Windows security I never had certificate issues, why is that?

What is the easiest way for me to implement what I am after anyone have thoughts?

Answer 1

WCF and Java compatibility is a little bit complicated.

First of all, which framework do you use in Java ?

Secondly, on the WCF side, you should better use a custom binding instead of a wsHttpBinding. You can easily convert your binding using this tool. With your binding it will give :

<customBinding>
  <binding name="NewBinding0">
    <textMessageEncoding MessageVersion="Soap11" />
    <httpsTransport authenticationScheme="Negotiate" />
  </binding>
</customBinding>

Now you just have to configure the Java side or adapt the WCF configuration, to enable SOAP12, instead of SOAP11. Let me know if it works.