SecurityBindingElement.CreateSecureConversationBindingElement Method (SecurityBindingElement, Boolean)


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Creates a symmetric security binding element that is configured to establish a secure conversation between the client and service. The security context token issued at the end of the secure conversation handshake is used to secure the messages.

Namespace:   System.ServiceModel.Channels
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public static SecurityBindingElement CreateSecureConversationBindingElement(
	SecurityBindingElement bootstrapSecurity,
	bool requireCancellation


Type: System.ServiceModel.Channels.SecurityBindingElement

A SecurityBindingElement that contains specification on how the secure conversation handshake messages are secured.

Type: System.Boolean

true if cancellation is required; otherwise, false. Setting this parameter to false enables a security context token that is useful in Web farm scenarios, because in this mode the session state is encoded inside the established security context token instead of being kept in the server memory.

Exception Condition

bootstrapSecurity is null.

If requireCancellation is false, cookie-based security context tokens are issued; otherwise, session-based security context tokens are issued.

The bootstrapSecurity is used to indicate the security binding and policy used to request a SecureConversationToken from the service.

If bootstrapSecurity is a TransportSecurityBindingElement, the binding element returned by this method is also a TransportSecurityBindingElement, and IncludeTimestamp is set to true; and the LocalClientSecuritySettings object returned from LocalClientSettings has its DetectReplays property set to false; and the LocalServiceSecuritySettings object returned from LocalServiceSettings has its DetectReplays property set to false.

Otherwise, a SymmetricSecurityBindingElement is returned, with RequireSignatureConfirmation set to false.


When impersonation is required on Windows XP, use a secure session without a security context token. When security context tokens are used with impersonation an InvalidOperationException is thrown. For more information, seeUnsupported Scenarios. For more information about secure sessions, see Secure Sessions.

The following code shows how to call this method.

SecurityBindingElement security = SecurityBindingElement.CreateMutualCertificateBindingElement();

// Use a secure session.
security = SecurityBindingElement.CreateSecureConversationBindingElement(security, true);

.NET Framework
Available since 3.0
Return to top