Since WS-SecureConversation is heavy, increase complexity and have some performance implications (when used with short list session), we might be better off turn this feature off. In WS2007FederationHttpBinding, WS-SecureConversation is enabled by default.
To turn of this feature, change
establishSecurityContext attribute to false in your config file (web.config / app.config). This also applies to
Message security mode.
<ws2007FederationHttpBinding> <binding> <security mode="TransportWithMessageCredential"> <message establishSecurityContext="false" /> </security> </binding> </ws2007FederationHttpBinding>
Make sure you turn off on both the client and the service. Otherwise, you will encounter Unsecured or Incorrectly Secured Fault Was Received From The Other Party error.
This applies to WCF with .Net 4.5