Configuring WCF 4 with routing (global.asax) for both http & https endpoints

Question

I\'m still a newbie with wcf and not too well informed in .net in general. I have a WCF 4 web service that uses the global.asax routing approach and very simplified web.con

Answer 1

I found the answer: you just need to put this snippet in your web.config in the serviceModel tag:

<bindings>
      <webHttpBinding>
        <binding>
          <security mode="Transport" />
        </binding>
      </webHttpBinding>
    </bindings>

Thanks to this post: http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/1dd991a1-e32f-4035-a406-994729858b40

My full web.config is this:

<?xml version="1.0"?> <configuration>

  <system.web>
    <compilation debug="true" targetFramework="4.0" />   </system.web>

  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true">
      <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
    </modules>   </system.webServer>

  <system.serviceModel>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
    <bindings>
      <webHttpBinding>
        <binding>
          <security mode="Transport" />
        </binding>
      </webHttpBinding>
    </bindings>
    <standardEndpoints>
      <webHttpEndpoint>
        <!-- 
            Configure the WCF REST service base address via the global.asax.cs file and the default endpoint 
            via the attributes on the <standardEndpoint> element below
        -->
        <standardEndpoint name="" helpEnabled="true" automaticFormatSelectionEnabled="true">
          <security mode="Transport" >

          </security>
        </standardEndpoint>
      </webHttpEndpoint>
    </standardEndpoints>   </system.serviceModel> </configuration>

Answer 2

The above works if you don't want both HTTP and HTTPS. In my case I want both, because some services require SSL (authentication) and others don't as the information they provide is not sensitive. The authentication services implementation do they own validation and refuse to answer if the request didn't come from an https scheme.

The bellow configuration works if you want to setup both HTTP and HTTPS on the same endpoint.

<system.serviceModel>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    <behaviors>
      <serviceBehaviors>
        <behavior name="">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <webHttpBinding>
        <binding>
          <security mode="Transport" />
        </binding>
        <binding name="UnsecureBinding"></binding>
      </webHttpBinding>
    </bindings>
    <protocolMapping>
      <add scheme="http" binding="webHttpBinding" bindingConfiguration="UnsecureBinding" />
    </protocolMapping>
    <standardEndpoints>
      <webHttpEndpoint>
        <standardEndpoint name="" helpEnabled="true" automaticFormatSelectionEnabled="false" />
      </webHttpEndpoint>
    </standardEndpoints>
  </system.serviceModel>