SamlSecurityTokenHandler.DetectReplayedToken Method (SecurityToken)

.NET Framework (current version)

Throws an exception if the specified token already exists in the token replay cache; otherwise the token is added to the cache.

Namespace:   System.IdentityModel.Tokens
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

protected override void DetectReplayedToken(
	SecurityToken token


Type: System.IdentityModel.Tokens.SecurityToken

A SecurityToken that represents the SAML 1.1 security token (the token should be of type SamlSecurityToken) to be checked.

Exception Condition

token is null.


The Configuration property is null.


The P:System.IdentityModel.Tokens.SecurityTokenHandlerConfiguration.TokenReplayCache property of the handler configuration (accessed through the Configuration property) is null.


token cannot be cast as an instance of SamlSecurityToken.


The ID of the assertion associated with the token is null or empty. (The Assertion property of the token references a SamlAssertion that has an P:System.IdentityModel.Tokens.SamlAssertion.Id property that references a T:System.IdentityModel.Tokens.SamlId with a P:System.IdentityModel.Tokens.SamlId.Value property that is null or empty.)


The token already exists in the TokenReplayCache.

The default behavior is to only check bearer tokens (tokens that do not have keys). The token replay cache is the TokenReplayCache object configured for this handler through the P:System.IdentityModel.Tokens.SecurityTokenHandlerConfiguration.TokenReplayCache property of the SecurityTokenHandlerConfiguration object referenced through the Configuration property.

.NET Framework
Available since 4.5
Return to top