The following sections describe attributes, child elements, and parent elements.
Optional. Specifies the type of security that is applied. The default value is Message. This attribute is of type WSFederationHttpSecurityMode.
The SOAP message is not secure during transfer.
Integrity, confidentiality, server authentication and client authentication are provided using SOAP message security. By default, the body is encrypted and signed. The service needs to be configured with a certificate. Client authentication is based on the token issued to the client by a security token service
Integrity, confidentiality and server authentication are provided by HTTPS. The service needs to be configured with a certificate. Client authentication is provided by means of SOAP message security and is based on the token issued to the client by a security token service.