SecurityBindingElement.CreateSecureConversationBindingElement Method (SecurityBindingElement, Boolean, ChannelProtectionRequirements)


Creates a symmetric security binding element that is configured to establish a secure conversation between the client and service. The security context token issued at the end of the secure conversation handshake is used to secure the messages. The bootstrap security binding element specifies how the secure conversation handshake messages are secured.

Namespace:   System.ServiceModel.Channels
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public static SecurityBindingElement CreateSecureConversationBindingElement(
	SecurityBindingElement bootstrapSecurity,
	bool requireCancellation,
	ChannelProtectionRequirements bootstrapProtectionRequirements


Type: System.ServiceModel.Channels.SecurityBindingElement

A SecurityBindingElement that contains specification on how the secure conversation handshake messages are secured.

Type: System.Boolean

true if cancellation is required; otherwise, false. Setting this parameter to false enables a security context token that is useful in Web farm scenarios, because in this mode the session state is encoded inside the established security context token instead of being kept in the server memory.

Type: System.ServiceModel.Security.ChannelProtectionRequirements

The ChannelProtectionRequirements object that specifies the requirements for channel protection.

Exception Condition

bootstrapSecurity is null.

The bootstrapProtectionRequirements parameter enables customization of how the messages exchanged as part of the secure conversation handshake are secured.

The bootstrapSecurity is used to indicate the security binding and policy used to request a secure conversation token from the service.

If bootstrapSecurity is a TransportSecurityBindingElement, the binding element returned by this method is also a TransportSecurityBindingElement, and IncludeTimestamp is set to true; and the LocalClientSecuritySettings object returned from LocalClientSettings has its DetectReplays property set to false; and the LocalServiceSecuritySettings object returned from LocalServiceSettings has its DetectReplays property set to false.

Otherwise, a SymmetricSecurityBindingElement is returned, with RequireSignatureConfirmation set to false.


When impersonation is required on Windows XP, use a secure session without a security context token. When security context tokens are used with impersonation an InvalidOperationException is thrown. For more information, seeUnsupported Scenarios. For more information about secure sessions, see Secure Sessions.

.NET Framework
Available since 3.0
Return to top