Security Context Token

SOAP message senders can use security context tokens to sign and/or encrypt a series of SOAP messages, known as a conversation, between a SOAP message sender and the target Web service. As long as the security context token has not expired, the SOAP message sender can use the same security context token to sign and/or encrypt the SOAP messages sent to the target Web service. Also, security context tokens are based on a symmetric key, which makes them inherently more efficient at digitally signing or encrypting a SOAP message than an asymmetric key.

Security context tokens also have a benefit over other types of tokens in that they can be requested from a security token service by sending a SOAP message to a security token service. For information about setting up a security token service, see Issuing Security Tokens.

In This Section

• How to: Sign a SOAP Message By Using a Security Context Token
  Details how use policy or code to sign a SOAP message by using a security context token.

• How to: Verify Digital Signatures of SOAP Messages Signed Using a Security Context Token
  Details the configuration settings and user code required to verify digital signatures of SOAP messages that are signed using a security context token.

• How to: Encrypt a SOAP Message By Using a Security Context Token
  Details how to use policy or user code to encrypt a SOAP message by using a security context token.

• How to: Decrypt a SOAP Message Encrypted Using a Security Context Token
  Details the configuration settings and user code required to decrypt SOAP messages that are encrypted using a security context token.

Reference

• SecurityContextToken
  The class representing a security context token.

• SecurityContextTokenManager
  The class representing the security token manager for security context tokens.