Assembly: Microsoft.Web.Services3 (in microsoft.web.services3.dll)
Given that most applications are secured based on the network topology in which the Web service resides, WSE 3.0 introduces a scenario-based methodology to secure communication to and from a Web service. That is, instead of piecing security together for an application using multiple low-level security operations, WSE allows you to apply security at a higher level using a prepackaged set of security operations, which are known as security assertions. For common scenarios, WSE provides a set of these security assertions that are called turnkey security assertions.
A turnkey security assertion can be used with or without a policy file. To use the UsernameOverTransportProfile turnkey assertion without a policy file, use the UsernameOverTransportAssertion class and the process specified in the How to: Secure a Web Service Without Using a Policy File topic. To use the UsernameOverTransportSecurity turnkey assertion with a policy file, use the <UsernameOverTransportSecurity> Element with the process specified in the How to: Secure a Web Service Using a Policy File topic.
When you use the usernameOverTransportSecurity policy assertion in a policy file, it is recommended that you do not specify the client's user name and password in the policy file.