The behavior of the WebHttpBinding in case of SecurityMode ==
WebHttpSecurityMode.TransportCredentialOnly must use the http scheme, in
order to allow authentication of the client based on the standard HTTP
headers, like WWW-Authenticate: Scheme realm="" and so on. This behavior
is the default in .net;
}
public override string Scheme {
- get { return Security.Mode != WebHttpSecurityMode.None ? Uri.UriSchemeHttps : Uri.UriSchemeHttp; }
+ get { return Security.Mode == WebHttpSecurityMode.Transport ? Uri.UriSchemeHttps : Uri.UriSchemeHttp; }
}
public WebHttpSecurity Security {
Assert.AreEqual (typeof (WebMessageEncodingBindingElement), bc [0].GetType (), "#2");
Assert.AreEqual (typeof (HttpTransportBindingElement), bc [1].GetType (), "#3");
}
+
+ [Test]
+ public void DefaultSchemeBasedOnSecurityMode ()
+ {
+ WebHttpBinding b = new WebHttpBinding(WebHttpSecurityMode.TransportCredentialOnly);
+ Assert.AreEqual("http", b.Scheme, "#1");
+
+ b = new WebHttpBinding(WebHttpSecurityMode.Transport);
+ Assert.AreEqual("https", b.Scheme, "#2");
+ }
}
}