Develop Reference

error Cannot process the message because the content type 'application/json' was not the expected type 'text/xml; charset=utf-8'

When using firebug, I got this wired error "NetworkError: 415 Cannot process the ...xt/xml; charset=utf-8 in my asp.net project.
Interface is below
[OperationContract]
[FaultContract(typeof(string))]
[WebInvoke(Method="POST",
UriTemplate="Demand",
BodyStyle = WebMessageBodyStyle.Bare,
ResponseFormat=WebMessageFormat.Json)]
ClientResponse postdemand_data(List<demands> demanddata);
web config. we use following web config file in my service
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="LargeWebforHttp" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
<binding name="LargeWebforHttps" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="DPintegrationHA_FromSR.Service1Behavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" httpsGetUrl="" />
<serviceThrottling maxConcurrentCalls="10000" maxConcurrentSessions="10000"
maxConcurrentInstances="10000" />
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="DPintegrationHA_FromSR.Service1Behavior" name="DP_ITAPEDGE_HMview_wcf.Service1">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="LargeWebforHttp" contract="DP_ITAPEDGE_HMview_wcf.IService1" name="httpPoint">
</endpoint>
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="LargeWebforHttps" contract="DP_ITAPEDGE_HMview_wcf.IService1" name="httpsPoint">
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
</system.serviceModel>

How to configure web service binding to serve both request http and https request?

<system.serviceModel>
<services>
<service behaviorConfiguration="Complete_Html5.CompleteService.CompleteServiceAspNetAjaxBehavior" name="Complete_Html5.CompleteService.Complete">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Complete" contract="Complete_Html5.CompleteService.Complete" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
<service name="Complete_Html5.Service1" behaviorConfiguration="Complete_Html5.Service1ServiceAspNetAjaxBehavior">
<endpoint address="" binding="basicHttpBinding" contract="Complete_Html5.Service1" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="Complete_Html5.Service1AspNetAjaxBehavior">
<enableWebScript />
</behavior>
<behavior name="Complete_Html5.CompleteService.CompleteServiceAspNetAjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="Complete_Html5.CompleteService.CompleteServiceAspNetAjaxBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="Complete_Html5.Service1ServiceAspNetAjaxBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_Complete" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="10485760" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_Complete1" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_Service1" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="10485760" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true" messageEncoding="Text">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_Service11" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://www.examplete.com:83/CompleteService/Complete.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Complete" contract="Complete_Html5.CompleteService.Complete" name="BasicHttpBinding_Complete" />
<endpoint address="http://www.examplete.com:83/CompleteService/Complete.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Complete1" contract="PMCService.Complete" name="BasicHttpBinding_Complete1" />
<endpoint address="http://www.examplete.com:83/Service1.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Service1" contract="ReportService.Service1" name="BasicHttpBinding_Service1" />
<endpoint address="http://www.examplete.com:83/Service1.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Service11" contract="ReportService.Service1" name="BasicHttpBinding_Service11" />
</client>
</system.serviceModel>
Above is the service setting in web.config what changes I have to make so that I could use both hits http and https while accessing website??
We have added ssl certificate to server and have unchecked required ssl from website ssl certificate setting.
It it working fine http but when hits come is website is with https it's throwing error as:
The provided URI scheme https is invalid; Expected http. Parameter
name: via.
How to solve this so that allow both hits http and https?
This is specially when we calling web service.
Have tried by adding httpsGetEnabled="true" in serviceMetadata element but still not working..!
I have tried by just adding security mode to Transport but still not working.
I think it could be wrong setting. How to do that binding by proper way?

WCF throws Exception When the passed list size is large

I use WCF in my application. from Application I Pass a list to process at backend through WCF. If the no Of rows in the list is large then The service throws the exception "The remote server returned an unexpected response: (400) Bad Request."
below is my UI web config
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" closeTimeout="10:20:00"
openTimeout="10:20:00" receiveTimeout="10:20:00" sendTimeout="10:20:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_IErrorService" closeTimeout="10:20:00"
openTimeout="10:20:00" receiveTimeout="10:20:00" sendTimeout="10:20:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_IService11" closeTimeout="10:20:00"
openTimeout="10:20:00" receiveTimeout="10:20:00" sendTimeout="10:20:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_ISecurityUserService" closeTimeout="10:20:00"
openTimeout="10:20:00" receiveTimeout="10:20:00" sendTimeout="10:20:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:6789/Service1.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService1" contract="ServiceReference1.IService1"
name="BasicHttpBinding_IService1" />
<endpoint address="http://localhost:6789/ErrorService.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IErrorService" contract="ErrorServiceReference.IErrorService"
name="BasicHttpBinding_IErrorService" />
<endpoint address="http://localhost:6789/SecurityUserService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ISecurityUserService"
contract="SecurityUserServiceReference.ISecurityUserService"
name="BasicHttpBinding_ISecurityUserService" />
<endpoint address="http://localhost:6789/Service1.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService11" contract="ServiceReference.IService1"
name="BasicHttpBinding_IService11" />
</client>
</system.serviceModel>
also added the below tag To WCF Web config as well as UI Web config
<system.web>
<httpRuntime maxRequestLength="512000" />
</system.web>
MY service Config is As below
<httpRuntime maxRequestLength="512000" />
ServiceModel :
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
</services>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<modules runAllManagedModulesForAllRequests="true"/>
I modified the service Web config . still i am getting the Same issue. Please help me on this
<services>
<service name="BasicHttpBinding_IService1" behaviorConfiguration="Behavior">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService1"
contract="ServiceReference1.IService1"/>
</service>
<service name="BasicHttpBinding_IErrorService" behaviorConfiguration="Behavior">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IErrorService"
contract="ErrorServiceReference.IErrorService"/>
</service>
<service name="BasicHttpBinding_ISecurityUserService" behaviorConfiguration="Behavior">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_ISecurityUserService"
contract="SecurityUserServiceReference.ISecurityUserService"/>
</service>
</services>
and bindings
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" closeTimeout="10:20:00"
openTimeout="10:20:00" receiveTimeout="10:20:00" sendTimeout="10:20:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_IErrorService" closeTimeout="10:20:00"
openTimeout="10:20:00" receiveTimeout="10:20:00" sendTimeout="10:20:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_ISecurityUserService" closeTimeout="10:20:00"
openTimeout="10:20:00" receiveTimeout="10:20:00" sendTimeout="10:20:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>

You don't appear to have any endpoints or bindings defined in your service config, which means you're getting default endpoints and bindings. Since your service is using the default binding and its default values, it can't receive the large message.
You can override the default binding settings by omitting the name attribute in the binding element. However, in your case you have different settings in your three defined bindings (in the security portion, at least). So you'll need to both define the bindings and assign them to endpoints.
Try something like this:
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" .....>
</basicHttpBinding>
</bindings>
I've omitted most of the binding declaration - you can simply copy them from your client config.
Then in the service you assign a specific binding configuration with the bindingConfig attribute on the endpoint element, like this:
<services>
<service .... >
<endpoint address="http://localhost:6789/Service1.svc"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService1"
contract="ServiceReference1.IService1"
name="BasicHttpBinding_IService1" />
</service>
</services>
Again, I've omitted most of the configuration code for simplicity.
The key point here is that the service needs to have a binding that is configured to accept larger messages than the defaults. Increasing the maxRequestLength for the runtime doesn't affect the WCF services directly (unless you have request larger than the HTTP runtime value, of course).
You can read more about default endpoints and bindings here - A Developer's Introduction to Windows Communication Foundation 4

Use WCF Client to consume Non-WCF Service and pass Client Certificate

I have an ASP.NET application that calls a Java Web Service using a WCF Client. The communication works until a certificate is required. I updated the config, but I'm receiving errors on call. Does anyone have good example of the configuration? The certificate is stored in Certificate Store.
Config that works when Client Certificate is not needed:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="DocManagementSOAP" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Mtom" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://acme.com/services/docmanagement_V3"
binding="basicHttpBinding"
bindingConfiguration="DocManagementSOAP"
contract="FileNetDmsServiceReference.docManagement"
name="DocManagementSOAP" />
</client>
</system.serviceModel>
Config that is failing that I'm trying to setup to pass Client Cert:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="DocManagementSOAP"
closeTimeout="00:01:00"
openTimeout="00:01:00"
receiveTimeout="00:10:00"
sendTimeout="00:01:00"
allowCookies="false"
bypassProxyOnLocal="false"
hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536"
maxBufferPoolSize="524288"
maxReceivedMessageSize="65536"
messageEncoding="Mtom"
textEncoding="utf-8"
transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="Certificate" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Certificate" algorithmSuite="Default"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://acme.com/services/docmanagement_V3"
binding="basicHttpBinding"
bindingConfiguration="DocManagementSOAP"
behaviorConfiguration="CertificateBehavior"
contract="ServiceReference.docManagement"
name="DocManagementSOAP">
<identity>
<dns value="cert.acme.com" />
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="CertificateBehavior">
<clientCredentials>
<clientCertificate x509FindType="FindBySubjectName" findValue="cert.acme.com" storeLocation="LocalMachine"/>
<serviceCertificate>
<authentication certificateValidationMode="PeerOrChainTrust"
revocationMode="NoCheck"
trustedStoreLocation="LocalMachine" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>

After working with Microsoft Tech support, this is configuration finally worked:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="DocManagementSOAP"
messageEncoding="Mtom"
textEncoding="utf-8">
<security mode="Transport">
<transport clientCredentialType="Certificate" proxyCredentialType="None" realm="" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://acme.com/services/docmanagement_V3"
binding="basicHttpBinding"
behaviorConfiguration="cert"
bindingConfiguration="DocManagementSOAP"
contract="docManagement"
name="DocManagementSOAP" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="cert">
<clientCredentials>
<clientCertificate findValue="cert.acme.com"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
Note: If your service doesn't support MTOM, remove or change the messageEncoding attribute.

wcf: adding username to the message header is this secure?

I'm connecting to a WCF service in an ASP.NET app. I'm logging in using one username and password and passing the actual username of whoevever is logged into the ASP.NET web app in a message header as below.
using (OperationContextScope scope = new OperationContextScope(myService2.InnerChannel))
{
Guid myToken = Guid.NewGuid();
MessageHeader<string> messageHeader = new MessageHeader<string>(HttpContext.Current.User.Identity.Name);
MessageHeader untyped = messageHeader.GetUntypedHeader("token", "ns");
OperationContext.Current.OutgoingMessageHeaders.Add(untyped);
lblResult.Text = myService2.GetData(1231);
}
I'm also using a service certificate as below
<serviceCredentials>
<serviceCertificate findValue="CN=tempCert" />
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="MySqlMembershipProvider" />
</serviceCredentials>
What I'm worried about is whether this sufficient protection to stop people getting at the username stored in the message header?
ASP.NET config is
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="NewBehavior">
<clientCredentials>
<serviceCertificate>
<authentication revocationMode="NoCheck"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
<message clientCredentialType="UserName" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost/WCFTestService/Service.svc" behaviorConfiguration="NewBehavior" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpoint" contract="WCFTestService.IService" name="wsHttpEndpoint">
<identity>
<certificate encodedValue=""/>
</identity>
</endpoint>
</client>
</system.serviceModel>
and at the service side its
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpointBinding">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="Service">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding"
name="wsHttpEndpoint" contract="IService">
<!--<identity>
<dns value="" />
</identity>-->
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<serviceCertificate findValue="CN=tempCert" />
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="MySqlMembershipProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>

The big question is: do you have any kind of transport-level or message-level security enabled on your binding? What binding are you using?
If you have transport-level security (typically through using HTTPS over SSL), then you have a point-to-point encrypted transport channel which I would deem very safe.
If you have message-level security using a certificate on the client, too, and you do encrypt the whole message, then you should be safe, too.
It really boils down to what binding you're using and what security settings you're using on that binding. Show us the server's config !
Marc