SessionSecurityTokenHandler.ReadToken Method (XmlReader, SecurityTokenResolver)

.NET Framework (current version)

The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Reads the SessionSecurityToken using the specified XML reader and token resolver.

Namespace:   System.IdentityModel.Tokens
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

public override SecurityToken ReadToken(
	XmlReader reader,
	SecurityTokenResolver tokenResolver


Type: System.Xml.XmlReader

The XmlReader over the incoming SecurityToken.

Type: System.IdentityModel.Selectors.SecurityTokenResolver

A SecurityTokenResolver that can used to resolve the SessionSecurityToken.

Return Value

Type: System.IdentityModel.Tokens.SecurityToken

The session security token that was read, an instance of SessionSecurityToken.

Exception Condition

reader is null.


tokenResolver is null.


The reader is not positioned at a SessionSecurityToken or the SessionSecurityToken cannot be read.

The reader must be positioned at either a WS-Secure Conversation Feb2005 or a WS-Secure Conversation 1.3 <wsc:SecurityContextToken> element.

If the token material is cached, it is read from the token cache, which is an instance of the SessionSecurityTokenCache class. Otherwise, the token material is read from the child element of the <wsc:SecurityContextToken> element that is specified by the CookieElementName and CookieNamespace properties and the ApplyTransforms method is invoked to decode the cookie.

For more information about how session tokens are serialized into a <SecurityContextToken element, see the SessionSecurityTokenHandler.WriteToken(XmlWriter, SecurityToken) method.

.NET Framework
Available since 4.5
Return to top