Secure Sessions

 

A feature of Windows Communication Foundation (WCF) is reliable sessions that guarantee messages are received in the order they were sent. The topics in this section discuss the security implications to consider when creating a reliable session. For more information about reliable sessions, see Using Sessions.

System_CAPS_noteNote

When impersonation is required on Windows XP, use a secure session without a stateful security context token (SCT). When stateful SCTs are used with impersonation, an InvalidOperationException is thrown. For more information, see Unsupported Scenarios.

In This Section

Secure Conversations and Secure Sessions

Secure conversations and secure sessions are synonymous. This topic explains the way a secure conversation works, and when and why to use the pattern.

How to: Create a Secure Session

Walks through of the basics of creating a secure session.

How to: Create a Security Context Token for a Secure Session

Walks through the steps of creating a Web farm that will maintain state and sessions with clients.

Security Considerations for Secure Sessions

Describes special considerations for secure sessions.

Show: