Exclusively for you!! Trial version of Google Apps, Apply Coupon-CNHPGX6T6QRWGV!!

Few lines about WCF metadata

WCF @Image courtesy of ddpavumba/ FreeDigitalPhotos.net

Few lines about WCF metadata

Welcome to CodeSpread!

What is WCF metadata?

WCF generates metadata for service endpoints and this metadata is used to describe how to interact with the service’s endpoints. This information is used by Svcutil.exe to generate proxy for accessing the service.

WCF metadata is exposed by one or more metadata endpoints similar to service endpoints. They have an address, a binding, and a contract.

This information is sent over standard protocols, such as WS-MetadataExchange (MEX) and HTTP/GET requests.
Also, Metadata can be added to a service host through configuration or imperative code.

We can see the below example for adding metadata endpoints to the service in the configuration file.

<endpoint address="mex"


contract="IMetadataExchange" />

What are the bindings available for Service Metadata?

  •  mexHttpBinding for HTTP protocol.
  •  mexHttpsBinding for HTTPS security layer.
  •  mexNamedPipeBinding for named pipe.
  •  mexTcpBinding for TCP protocol.

Can Service Metadata be tampered?

  1. Service metadata can be tampered with or spoofed.
  2. Spoofed data can be used to redirect client to a malicious service.
  3. Metadata documents can be large and are frequently saved to the file system.

How to protect Service Metadata?

  1. Use a secure binding to request service metadata.
  2. Publish service metadata over HTTPS, use mexHttpsBinding and configure a server certificate for the service.

Author: hershey

A passion for knowledge drives me to do programming, A passion for programming drives me to create something different, A passion for creation drives me to spread the knowledge.

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *

More from CodeSpread:

  • Difference Between Transport and Message Security in WCFDifference Between Transport and Message Security in WCFTransport Security in WCF As the name suggests, it is concerned with security of communication between client and the service over a network protocol. It guarantees the confidentiality and integri...
  • REST- REpresentational State TransferREST- REpresentational State TransferREST – REpresentational State Transfer, is an enhanced version of client server style architecture for distributed communication. When we talk about distributed communication, we think of reques...
  • WCF Part 2: Fundamentals.WCF Part 2: Fundamentals.We have seen the evolution of WCF in our previous article: WCF Part 1: Why WCF?. Next, we will go through the fundamentals of WCF. I will try to make it more worthy than an interview question puff....
  • Caching in WCF ServicesCaching in WCF ServicesYes, It is possible and clearly a  significant performance enhancement. How caching works for WCF services? Lets assume, a user sends a request to a service so at server, service method is called...
  • WCF Part 1: Why WCF?WCF Part 1: Why WCF?When i create a WCF service, i feel like it is a very easy task but when somebody asks me, why you have created it? then the simplest answer is, i got the requirement like this. But to be honest, N...
  • WCF Part 3: Direct from WCF kitchen.WCF Part 3: Direct from WCF kitchen.In the last two articles WCF:Part 1 and WCF Part 2, we have covered basic knowledge and terminologies of WCF.Now we will apply that knowledge to create a WCF service.There are lot of articles avail...
  • Useful WCF ToolsUseful WCF ToolsWhen we work with WCF, we mostly concentrate on the development aspect which involves create, deploy, and manage WCF applications. As a developer, I can suggest that If we utilize various tools ava...
  • Simply LINQ: What,Why and How.Simply LINQ: What,Why and How.What is LINQ? LINQ is Language-Integrated Query (LINQ). It is primarily an extension to the language's capability where it adds query expressions which processes objects and data. It is a one s...