SecurityContextToken Class

  • Article

Represents a security context token, which is a used for signing and/or encrypting SOAP messages.

Namespace: Microsoft.Web.Services2.Security.Tokens
Assembly: Microsoft.Web.Services2 (in microsoft.web.services2.dll)

Usage

'Usage
Dim securityContextToken1 As New SecurityContextToken()

Syntax

'Declaration
Public Class SecurityContextToken
    Inherits SecurityToken
    Implements IDerivableToken, IIssuedToken

public class SecurityContextToken : SecurityToken, IDerivableToken, IIssuedToken

public ref class SecurityContextToken : public SecurityToken, IDerivableToken, IIssuedToken

public class SecurityContextToken extends SecurityToken implements IDerivableToken, IIssuedToken

public class SecurityContextToken extends SecurityToken implements IDerivableToken, , IIssuedToken

Example

The following code example obtains a SecurityContextToken from a security token service and uses it to sign and encrypt a SOAP message to a Web service.

' Get the SoapContext for the SOAP request that is to be sent
' to the Web service.
Dim proxy As New Service1Wse
Dim requestContext As SoapContext = proxy.RequestSoapContext

' Get the X.509 certificate for signing the SOAP message.
Dim token As X509SecurityToken = GetSecurityToken()

' Get a security token to sign the SOAP message sent to the
' security token service. 
If token Is Nothing Then
    Throw New ApplicationException("No key provided for signature.")
End If

' Create a SecurityTokenServiceClient that will get the SecurityContextToken
Dim secureConvEndpoint As String = "https://www.contoso.com/SecureConversationCS/Service1.asmx"
Dim client As SecurityContextTokenServiceClient = New SecurityContextTokenServiceClient(New EndpointReference(New Uri(secureConvEndpoint)))

' Retrieve the issuer's cert
Dim issuerToken As SecurityToken = GetServerToken()

' Request the token, use the signing token as the Base
Dim sct As SecurityContextToken = client.IssueSecurityContextTokenAuthenticated(token, issuerToken)

' Create a security token that is derived from the SecurityContextToken.
Dim derivedToken As DerivedKeyToken = New DerivedKeyToken(CType(sct, IDerivableToken))

' Add the token issued from the token issuing service to the SOAP message.
requestContext.Security.Tokens.Add(sct)

' Add the derived security token to the SOAP message.
requestContext.Security.Tokens.Add(derivedToken)

' Sign the SOAP message using the token issued from the security token service.
requestContext.Security.Elements.Add(New MessageSignature(derivedToken))

' Communicate with the Web service.
textBoxResult.Text = proxy.AddNumbers(a, b).ToString()

// Get the SoapContext for the SOAP request that is to be sent
// to the Web service.
Service1Wse proxy = new Service1Wse();
SoapContext requestContext = proxy.RequestSoapContext;

// Get the X.509 certificate for signing the SOAP message.
X509SecurityToken token = GetSecurityToken();

// Get a security token to sign the SOAP message sent to the
// security token service. 
if (token == null)
    throw new ApplicationException("No key provided for signature.");

// Create a SecurityContextTokenServiceClient that will get the SecurityContextToken
string secureConvEndpoint = "https://www.contoso.com/secureConversation.asmx";
SecurityContextTokenServiceClient client = new SecurityContextTokenServiceClient(new Uri( secureConvEndpoint ));

// retrieve server's cert
SecurityToken issuerToken = GetServerToken();

// Request the token, use the signing token as the Base
SecurityContextToken sct = client.IssueSecurityContextTokenAuthenticated(token, issuerToken);

// Create a security token that is derived from the SecurityContextToken.
DerivedKeyToken derivedToken = new DerivedKeyToken((IDerivableToken)sct);                   

// Add the token issued from the token issuing service to the SOAP message.
requestContext.Security.Tokens.Add(sct);

// Add the derived security token to the SOAP message.
requestContext.Security.Tokens.Add(derivedToken);

// Sign the SOAP message using the token.
requestContext.Security.Elements.Add(new MessageSignature(derivedToken));

// Communicate with the Web service.
textBoxResult.Text = proxy.AddNumbers(a,b).ToString() ;

Remarks

SOAP message senders can use security context tokens to sign and/or encrypt a series of SOAP messages, known as a conversation, between a SOAP message sender and the target Web service. As long as the security context token has not expired, the SOAP message sender can use the same security context token to sign and/or encrypt the SOAP messages sent to the target Web service. Security context tokens are based on a symmetric key, which makes them inherently more efficient at digitally signing or encrypting a SOAP message than an asymmetric key. Security context tokens can be requested from a security token service by sending a SOAP message to the service. For details about setting up a security token service, see Issuing Security Tokens.

Inheritance Hierarchy

System.Object
   Microsoft.Web.Services2.Security.Tokens.SecurityToken
    Microsoft.Web.Services2.Security.Tokens.SecurityContextToken

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Platforms

Development Platforms

Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Windows Longhorn, and Windows 2000

Target Platforms

Windows 2000, Windows 2000 Server, Windows 2000 Advanced Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Windows Longhorn, Pocket PC, Windows CE, Smart Phone

See Also

Reference

Microsoft.Web.Services2.Security.Tokens Namespace

Other Resources

SecurityContextToken Members