Open Services

Open services do not required the client to authenticate itself, so there isn't an authorization either.


WCF 4.0 is 100% compatible with the eHealth services that do not require authentication. In general these services require SSL (https) to ensure the confidentiality and integrity of the message. Confidentialy means only the client and service can read the message while integrity means that the sender is sure the messages arrives unaltered at the service.

Adding Service Reference

Adding a reference can be done in your favorite way. The generated code is ready to be used when aplying the correct configuration.


The standard basicHttpBinding of WCF is the most advised choice. Obviously it is also possible to use the customBinding, but this isn't covered in this documentation. The SSL is enforsed by setting the security to "transport" without client credentials.

The basicHttpBinding expects an authentication, while this type of services doesn't. This is easly resolved by setting the message client credential type to UserName. Because we don't specify an username, it will be ignored when sending a request.

Via app.config/web.config

In the app.config or web.config the configuration looks as follows

        <binding name="httpsBinding">
          <security mode="Transport">
            <transport clientCredentialType="None" proxyCredentialType="None" realm="">
              <extendedProtectionPolicy policyEnforcement="Never"/>
            <message clientCredentialType="UserName" algorithmSuite="Default"/>
      <endpoint address="https://hhh/zzz" binding="basicHttpBinding" bindingConfiguration="httpsBinding" contract="xxx" name="yyy"/>

Via Code


Last edited Nov 24, 2010 at 9:30 PM by egelke, version 4


No comments yet.