What happens if I set HttpGetEnabled = false

Anil Purswani picture Anil Purswani · Apr 15, 2011 · Viewed 21.2k times · Source

I am confused with Metadata publish concept.

If in a WCF Service config file I had written :

  <serviceMetadata httpGetEnabled="false"/>

No matter it is true or false. When I tried to give service reference in a client application using "Add Service Reference..." and clicked on "Discover", I am able to retrieve Service Reference.

But when removed the following two lines: -

<endpoint address="mex" binding="mexBasicHttpBinding" contract="IMetadataExchange"/>

<serviceMetadata httpGetEnabled="false"/>

Now after that when I tried to give reference in a client application using "Add Service Reference...." and clicked on "Discover", I am NOT able to retrieve Service Reference....

Now can anyone tell me what exactly it means. Why after setting it False it is still allowing to set reference. And why after removing those lines it is not allowing to set reference.

Answer

Cornelius picture Cornelius · May 3, 2011

MEX and WSDL are two different schemes to tell potential clients about the structure of your service. So you can choose to either make your service contracts public as "metadata exchance format" (MEX) or in the "web service description language" (WSDL) -- the latter being accessible via HTTP(s).

Thus in order to generate proxies, you need meta data information. When you remove the serviceMetadata-line you say you are not providing meta data in WSDL format.

But the line before, publishing your metadata in MEX, is still active, thus you can generate a proxy from those metadata.

From those follows naturally that when you provide neither WSDL nor MEX formatted information, you cannot generate a proxy.

As Joel C correctly pointed out, the bindings are a(n almost) orthogonal concept. Whether you allow clients to talk to you via basic HTTP, ws HTTP, net named pipes or crystal balls is quite not dependent on how you publish your services.

The WCF security guidance project and / or MS "practises and patterns" for WCF security might provide deeper insight.