<transport> 的 <netTcpBinding><transport> of <netTcpBinding>

定義使用設定之端點的訊息層級安全性需求類型 <netTcpBinding>Defines the type of message-level security requirements for an endpoint configured with the <netTcpBinding>.



    <security mode="None|Transport|Message|TransportWithMessageCredential">
      <transport clientCredentialType="None|Windows|Certificate"
        <extendedProtectionPolicy policyEnforcement="Never|WhenSupported|Always"

屬性和項目Attributes and Elements

下列各節說明屬性、子元素和父元素The following sections describe attributes, child elements, and parent elements


屬性Attribute 描述Description
clientCredentialTypeclientCredentialType 選擇性。Optional. 指定當使用傳輸安全性執行用戶端驗證時,要使用的認證類型。Specifies the type of credential to be used when performing client authentication using Transport security.

-預設值為 Windows- The default value is Windows.
-這個屬性的型別為 TcpClientCredentialType- This attribute is of type TcpClientCredentialType.
protectionLevelprotectionLevel 選擇性。Optional. 定義 TCP 傳輸層級的安全性。Defines security at the level of the TCP transport. 簽署訊息可以降低訊息在傳輸時遭到第三者竄改的風險。Signing messages mitigates the risk of a third party tampering with the message while it is being transferred. 加密可在傳輸時提供資料等級的隱私權。Encryption provides data-level privacy during transport.

預設值是 EncryptAndSignThe default value is EncryptAndSign.
sslProtocolssslProtocols SslProtocols 列舉旗標值,可指定所支援的 SslProtocols。A SslProtocols enum flag value that specifies which SslProtocols are supported. 預設值為 Tls|Tls11|Tls12。The default is Tls|Tls11|Tls12.
policyEnforcementpolicyEnforcement 此列舉指定了應該強制執行 ExtendedProtectionPolicy 的時間。This enumeration specifies when the ExtendedProtectionPolicy should be enforced.

1. 永不–不會強制執行原則, (已停用) 的擴充保護。1. Never – The policy is never enforced (Extended Protection is disabled).
2. WhenSupported-只有在用戶端支援擴充保護時,才會強制執行此原則。2. WhenSupported – The policy is enforced only if the client supports Extended Protection.
3. 一律:一律強制執行此原則。3. Always – The policy is always enforced. 不支援延伸保護的用戶端將無法驗證。Clients which don’t support Extended Protection will fail to authenticate.

clientCredentialType 屬性clientCredentialType Attribute

Value 描述Description
None 用戶端為匿名。The client is anonymous. 這需要服務的憑證。This requires a certificate for the service.
WindowsWindows 使用 SP Negotiation (Kerberos 交涉) 指定用戶端的 Windows 驗證。Specifies Windows authentication of the client using SP Negotiation (Kerberos negotiation).
憑證Certificate 用戶端會透過憑證來驗證。The client is authenticated using a certificate. 這會使用 SSL Negotiation,並需要服務的憑證。This uses SSL Negotiation and requires a certificate for the service.

protectionLevel 屬性protectionLevel Attribute

Value 描述Description
None 無保護。No protection.
簽署Sign 訊息會經過簽署。Messages are signed.
EncryptAndSignEncryptAndSign -訊息會經過加密和簽署。- Messages are encrypted and signed.

子元素Child Elements


父項目Parent Elements

項目Element 描述Description
<security> 指定的安全性功能 <netTcpBinding>Specifies the security capabilities of the <netTcpBinding>.


使用傳輸安全性來達成 SOAP 訊息的完整性與機密性,以及交互驗證。Use Transport security for integrity and confidentiality of the SOAP message and for mutual authentication. 如果在繫結上選取這個安全性模式,便會使用安全性傳輸設定通道堆疊,並以傳輸安全性 (如 Windows Negotiate 或 SSL over TCP) 保護 SOAP 訊息。If this security mode is selected on a binding, the channel stack is configured using a secure transport and the SOAP messages are secured using transport security such as Windows (Negotiate) or SSL over TCP.

另請參閱See also