I have a WCF Service with wsHTTPBinding using default message security. I am sending a token from client by adding it to soap header
using (ChannelFactory<mychannel> factory = new ChannelFactory<mychannel>(new WSHttpBinding()))
{
using (MyChannelproxy = factory.CreateChannel(new EndpointAddress(@"address")))
{
using (OperationContextScope scope = new OperationContextScope(proxy))
{
Guid myToken = Guid.NewGuid();
MessageHeader name = MessageHeader.CreateHeader("Name", "ns", myToken);
MessageHeader id = MessageHeader.CreateHeader("Id", "http://Vid", "Id");
OperationContext.Current.OutgoingMessageHeaders.Add(name);
OperationContext.Current.OutgoingMessageHeaders.Add(id);
1. When I saw the request going out using fiddler, its going as plain text, should I need to use Transport Security for soap header encryption ? Is there any other built in way to encrpt the information passing in soap header without using SSL
2. Is this the right way to add sensitive information in soap header ?
Please pass on some example or links you know that suits the situation, Thanks in advance