<KeyIdentifier> Element (WSE for Microsoft .NET) (1)

  • Article

Specifies the key identifier for a security token.

<policyDocument> Element

<policies> Element

<Policy> Element (WSE for Microsoft .NET) (1)

<Confidentiality> Element

<KeyInfo> Element (WSE for Microsoft .NET) (1)

<SecurityTokenReference> Element (WSE for Microsoft .NET) (1)

<KeyIdentifier>

<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">ZPGrPnuqATeSgVjLYcmiY/GSWWY=</wsse:KeyIdentifier>

Attributes and Elements

Attributes

Attribute Description

ValueType

Optional attribute. Specifies the type of security token that the key identifier refers to.

Child Elements

None.

Parent Elements

Element Description

<SecurityTokenReference> Element (WSE for Microsoft .NET) (1)

Specifies a security token that must be used to encrypt a SOAP message.

Text Value

A text value is required. The text value specifies the base64-encoded key identifier for a security token.

Remarks

The following table lists the supported value for the ValueType attribute and the security token it represents.

Value Description

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier

X509SecurityToken

Example

The following code example defines the encrypted-body-x509-specific policy assertion that requires that the <Body> element be encrypted using the X509SecurityToken with the specified key.

Note

This code example is designed to demonstrate WSE features and is not intended for production use.

<?xml version="1.0" encoding="utf-8"?>
<policyDocument xmlns="https://schemas.microsoft.com/wse/2003/06/Policy">
  <mappings>
    <endpoint uri="http://www.cohowinery.com/Service1.asmx">
      <defaultOperation>
        <request policy="#encrypted-body-x509-specific" />
        <response policy="" />
        <fault policy="" />
      </defaultOperation>
    </endpoint>
  </mappings>
  <policies xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
            xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
            xmlns:wse="https://schemas.microsoft.com/wse/2003/06/Policy"
            xmlns:wsa="https://schemas.xmlsoap.org/ws/2004/03/addressing"
            xmlns:wssp="https://schemas.xmlsoap.org/ws/2002/12/secext"
            xmlns:wsp="https://schemas.xmlsoap.org/ws/2002/12/policy"
            xmlns:wssc="https://schemas.xmlsoap.org/ws/2004/04/sc"
            xmlns:rp="https://schemas.xmlsoap.org/rp">
    <!--This policy requires that the body be encrypted using a specific
        x509 security token.-->
    <wsp:Policy wsu:Id="encrypted-body-x509-specific">
      <wssp:Confidentiality wsp:Usage="wsp:Required">
        <wssp:KeyInfo>
          <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
            <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ZPGrPnuqATeSgVjLYcmiY/GSWWY=</wsse:KeyIdentifier>
          </wsse:SecurityTokenReference>
        </wssp:KeyInfo>
        <wssp:MessageParts Dialect="https://schemas.xmlsoap.org/2002/12/wsse#part" xmlns:rp="https://schemas.xmlsoap.org/rp">wsp:Body()</wssp:MessageParts>
      </wssp:Confidentiality>
    </wsp:Policy>
  </policies>
</policyDocument>

See Also

Reference

<SecurityTokenReference> Element (WSE for Microsoft .NET) (1)

Concepts

Policy File Schema

Other Resources

Configuring a Web Service's Policy