Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
.NET Framework Developer Center
Click to Rate and Give Feedback
MSDN
MSDN Library
.NET Development
.NET Framework 3.5
WCF Feature Details
Security
Secure Sessions

  Switch on low bandwidth view
This page is specific to
Microsoft Visual Studio 2008/.NET Framework 3.5

Other versions are also available for the following:
Secure Sessions

A feature of Windows Communication Foundation (WCF) is reliable sessions that guarantee messages are received in the order they were sent. The topics in this section discuss the security implications to consider when creating a reliable session. For more information about reliable sessions, see Using Sessions.

ms731996.note(en-us,VS.90).gifNote:
When impersonation is required on Windows XP, use a secure session without a stateful security context token (SCT). When stateful SCTs are used with impersonation, an InvalidOperationException is thrown. For more information, see Unsupported Scenarios.

In This Section

Secure Conversations and Secure Sessions

Secure conversations and secure sessions are synonymous. This topic explains the way a secure conversation works, and when and why to use the pattern.

How to: Create a Secure Session

Walks through of the basics of creating a secure session.

How to: Create a Stateful Security Context Token for a Secure Session

Walks through the steps of creating a Web farm that will maintain state and sessions with clients.

Security Considerations for Secure Sessions

Describes special considerations for secure sessions.

Reference

Related Sections

See Also


© 2007 Microsoft Corporation. All rights reserved.
Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
Secure Sessions?      Micah Burnett   |   Edit   |   Show History

Are Secure Sessions a layer on top of, and only used with Reliable Messaging?

Also, it sounds like it's not considered Message Security, or Transport Security, but something in-between.

This quote is supposed to summarize what Secure Sessions are, and from the way it introduces them, it sounds like Secure Sessions are only used with Reliable Messaging.

"A feature of [WCF] is reliable sessions that guarantee messages are received in the order they were sent. The topics in this section discuss the security implications to consider when creating a reliable session." (http://msdn.microsoft.com/en-us/library/ms731996.aspx)

This quote from MSDN sounds like Secure Sessions are or can be used independently of Reliable Messaging.

"With the exception of the basicHttpBinding Element binding, the system-provided bindings in [WCF] automatically use secure sessions when message security is enabled." (http://msdn.microsoft.com/en-us/library/ms733783.aspx)

© 2009 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker