You are creating a Windows Communication Foundation (WCF) service based on
WSHttpBinding. New audit requirements dictate that callers must be authenticated on every
call to ensure that their credentials have not been revoked. You need to ensure that the
service will not cache the security request token. What should you do?
A.
Apply a ServiceBehavior attribute to the service implementation class with the
InstanceContextMode property set to Single.
B.
In the message security configuration, change clientCredentialType from IssuedToken to
UserName.
C.
In the message security configuration, set establishSecurityContext to false.
D.
At the end of every operation, call the SessionStateUtility.RaiseSessionEnd method.