Export (0) Print
Expand All

SecurityStateEncoder Class

An abstract class that can be implemented to encode the security state.

Namespace:  System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public abstract class SecurityStateEncoder

The SecurityStateEncoder type exposes the following members.

  NameDescription
Protected methodSecurityStateEncoderInitializes a new instance of the SecurityStateEncoder class.
Top

  NameDescription
Protected methodDecodeSecurityStateInfrastructure. Decodes the security state.
Protected methodEncodeSecurityStateInfrastructure. Encodes the security state.
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Top

This class is used to encode and decode the content of the security context token when a binding with message security that uses a stateful security context token is used. For more information about stateful security context tokens, see How to: Create a Security Context Token for a Secure Session topic.

Microsoft’s version of SecurityStateEncoder is DataProtectionSecurityStateEncoder. It uses Microsoft’s Windows Data Protection (DPAPI) technology to encrypt/decrypt the cookie. You can plug in a different mechanism for encrypting and decrypting cookies by implementing this class.

The encoding of the security state must ensure that the state is signed and encrypted for the service.

This class is used by the server when sending the security state as a cookie in the SecurityContextToken issued to the client.

An example implementation of this class is an X509CertificateSecurityStateEncoder that uses the service's certificate to sign and encrypt the security state.

.NET Framework

Supported in: 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft