An abstract class that can be implemented to encode the security state.
Assembly: System.ServiceModel (in System.ServiceModel.dll)
Thetype exposes the following members.
|DecodeSecurityState||Infrastructure. Decodes the security state.|
|EncodeSecurityState||Infrastructure. Encodes the security state.|
|Equals(Object)||Determines whether the specified object is equal to the current object. (Inherited from Object.)|
|Finalize||Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)|
|GetHashCode||Serves as the default hash function. (Inherited from Object.)|
|GetType||Gets the Type of the current instance. (Inherited from Object.)|
|MemberwiseClone||Creates a shallow copy of the current Object. (Inherited from Object.)|
|ToString||Returns a string that represents the current object. (Inherited from Object.)|
This class is used to encode and decode the content of the security context token when a binding with message security that uses a stateful security context token is used. For more information about stateful security context tokens, see How to: Create a Security Context Token for a Secure Session topic.
Microsoft’s version of is DataProtectionSecurityStateEncoder. It uses Microsoft’s Windows Data Protection (DPAPI) technology to encrypt/decrypt the cookie. You can plug in a different mechanism for encrypting and decrypting cookies by implementing this class.
The encoding of the security state must ensure that the state is signed and encrypted for the service.
This class is used by the server when sending the security state as a cookie in the SecurityContextToken issued to the client.
An example implementation of this class is an X509CertificateSecurityStateEncoder that uses the service's certificate to sign and encrypt the security state.