[Mono-dev] WCF: netTcpBinding

Karsten Fourmont fourmont at gmx.de
Tue Dec 21 15:44:37 EST 2010 

Hi,

thanks to the quick fix for the Datetime serialisation issue (thank you 
Atsushi!), I'm getting closer to moving my WCF heavy project over to 
Mono. (Well the server side actually, client's WPF...)

But now I think I hit the biggest barrier: security & netTcpBinding.

Here are my requirements for the WCF communication:

1. I need a duplex service
2. A NATed/firewalled client must be able to initiate the connection.
3. secure session with username/password authentication.
4. Low overhead (performance & message size) for big chunks of binary data

So imho netTcpBinding (or even customBinding) is the way to go. In .NET 
  s.th. like this works fine (server side config):

<netTcpBinding>
   <binding name="serverTcp">
     <security mode ="TransportWithMessageCredential">
       <message clientCredentialType="UserName"/>
       <transport clientCredentialType="None"/>
     </security>
  </binding>
</netTcpBinding>
...
<behavior name="serverBehaviour">
  <serviceCredentials>
    <serviceCertificate findValue="myCert"
	storeLocation="LocalMachine"
         storeName="My"
	x509FindType="FindBySubjectName" />
         <userNameAuthentication
	 userNamePasswordValidationMode="Custom"
          customUserNamePasswordValidatorType="My.Validator, MyDll" />
     </serviceCredentials>
</behavior>

The Security Mode is TransportWithMessageCredential as Transport 
encryption via ssl has a lower performance overhead (afaik) but for some 
"MS only knows" reason it doesn't offer Username credentials. So Message 
security is used for auth with a custom validator class.

I didn't manage to get this config running on Mono: for starters I don't 
know how to let the server know about the certificate's private key 
which it needs for the ssl connection. I can provide the certificate by 
using Mono's certmgr, but this is only the public key part, suitable for 
the client.

If I run it anyway I hit a "NotImplementedException"

So I fear even with the private key worked out, getting this kind of 
advanced configuration (or s.th. similar) up and running is not 
something that can be done with Mono right now. Or can it? Is there 
something I can do to help?

Any input and getting Mono WCF up to a configuration that meets the 4 
requirments above as good as possible is highly welcome.

Other options might be to go over Http Bindings and maybe do duplex by 
some clever polling. There's a interesting looking thing at
http://code.msdn.microsoft.com/duplexhttp

Cheers,
  Karsten

More information about the Mono-devel-list mailing list