You are creating a Windows Communication Foundation service by using Microsoft .NET Framework 3.5. The client applications are unable to use SSL. You need to ensure that clients authenticate by using a token provided by a Security Token Service (STS). What should you do?
A.
Use a BasicHttpBinding binding with the security mode set to Message.
B.
Use a BasicHttpBinding binding with the security mode set to TransportWithMessageCredential.
C.
Use a WSFederationHttpBinding binding with the security mode set to Message.
D.
Use a WSFederationHttpBinding binding with the security mode set to TransportWithMessageCredential.
Explanation:
Since the client applications are unable to use SSL, you cannot use Transport based security, therefore, the only available options become either answer choices A or C. Since it is mentioned that Security Token Service is being used for authentication, this necessitates the use of WSFederationHttpBinding which only leaves answer choice C.