A secure and interoperable binding that derives from <wsFederationHttpBinding> and supports federated security.



  <binding bypassProxyOnLocal="Boolean"
    <security mode="None/Message/TransportWithMessageCredential">
      <message negotiateServiceCredential="Boolean"
    <reliableSession ordered="Boolean"
                     enabled="Boolean" />
    <readerQuotas maxArrayLength="Integer"
                  maxStringContentLength="Integer" />

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.


Attribute Description
bypassProxyOnLocal A value that indicates whether to bypass the proxy server for local addresses. The default is false.
closeTimeout A TimeSpan value that specifies the interval of time provided for a close operation to complete. This value should be greater than or equal to Zero. The default is 00:01:00.
hostNameComparisonMode Specifies the HTTP hostname comparison mode used to parse URIs. This attribute is of type HostNameComparisonMode, which indicates whether the hostname is used to reach the service when matching on the URI. The default value is StrongWildcard, which ignores the hostname in the match.
maxBufferPoolSize The maximum buffer pool size for this binding. The default is 524,288 bytes (512 * 1024). Many parts of Windows Communication Foundation (WCF) use buffers. Creating and destroying buffers each time they are used is expensive, and garbage collection for buffers is also expensive. With buffer pools, you can take a buffer from the pool, use it, and return it to the pool once you are done. Thus the overhead in creating and destroying buffers is avoided.
maxReceivedMessageSize The maximum message size, in bytes, including headers, that can be received on a channel configured with this binding. The sender of a message that exceeds this limit receives a SOAP fault. The receiver drops the message and creates an entry of the event in the trace log. The default is 65536.
messageEncoding Defines the encoder used to encode the message. Valid values include the following:

- Text: Use a text message encoder.
- Mtom: Use a Message Transmission Organization Mechanism 1.0 (MTOM) encoder.

The default is Text.

This attribute is of type WSMessageEncoding.
name The configuration name of the binding. This value should be unique because it is used as an identification for the binding. Starting with .NET Framework 4, bindings and behaviors are not required to have a name. For more information about default configuration and nameless bindings and behaviors, see Simplified Configuration and Simplified Configuration for WCF Services.
openTimeout A TimeSpan value that specifies the interval of time provided for an open operation to complete. This value should be greater than or equal to Zero. The default is 00:01:00.
privacyNoticeAt A URI at which the privacy notice is located.
privacyNoticeVersion The version of the current privacy notice.
proxyAddress A URI that specifies the address of the HTTP proxy. If useDefaultWebProxy is true, this setting must be null. The default is null.
receiveTimeout A TimeSpan value that specifies the interval of time provided for a receive operation to complete. This value should be greater than or equal to Zero. The default is 00:10:00.
sendTimeout A TimeSpan value that specifies the interval of time provided for a send operation to complete. This value should be greater than or equal to Zero. The default is 00:01:00.
textEncoding Sets the character set encoding to be used for emitting messages on the binding. Valid values include the following:

- BigEndianUnicode: Unicode Big Endian encoding.
- Unicode: 16-bit encoding.
- UTF8: 8-bit encoding.

The default is UTF8. This attribute is of type Encoding.
transactionFlow A value that specifies whether the binding supports flowing WS-Transactions. The default is false.
useDefaultWebProxy A value that indicates whether the system’s auto-configured HTTP proxy is used. The proxy address must be null (that is, not set) if this attribute is true. The default is true.

Child Elements

Element Description
<security> Defines the security settings for the message. This element is of type WSFederationHttpSecurityElement.
<readerQuotas> Defines the constraints on the complexity of SOAP messages that can be processed by endpoints configured with this binding. This element is of type XmlDictionaryReaderQuotasElement.
<reliableSession> Specifies whether reliable sessions are established between channel endpoints.

Parent Elements

Element Description
<bindings> This element holds a collection of standard and custom bindings.


Federation is the ability to share identities across multiple enterprises or trust domains for authentication and authorization. It uses the WS-Trust protocol to map the identity representation from one trust domain to another. Federated HTTP binding supports SOAP security as well as mixed-mode security, but it does not support transport security. Services configured with this binding must use the HTTP transport. For more information, see <wsFederationHttpBinding>.


        <binding bypassProxyOnLocal="false"
          <reliableSession ordered="false"
                           enabled="true" />
          <security mode="None">
            <message negotiateServiceCredential="false"
              <issuer address="http://localhost/Sts" />

See also