FederatedMessageSecurityOverHttp.NegotiateServiceCredential Property

 

Specifies whether a message level SSL negotiation is done to obtain the service’s certificate.

Namespace:   System.ServiceModel
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public bool NegotiateServiceCredential { get; set; }

Property Value

Type: System.Boolean

true if the service certificate is negotiated; false if the service certificate is available out of band. The default is true.

This property indicates whether the service certificate is negotiated automatically between the client and the service. If this property is true, then such negotiation occurs. If this property is false, then the service certificate must be specified at the client before communication with the service can occur.

Services must always specify a certificate.

If this property is true, the message level SSL negotiation for the service certificate occurs before the security token service specified via the IssuerAddress and IssuerBinding properties (or LocalIssuerAddress and LocalIssuerBinding properties) is requested to issue a security token.

The following code shows how to access this property from the binding, and set it.

// This method creates a WSFederationHttpBinding.
public static WSFederationHttpBinding 
       CreateWSFederationHttpBinding(bool isClient)
{
  // Create an instance of the WSFederationHttpBinding.
  WSFederationHttpBinding b = new WSFederationHttpBinding();

  // Set the security mode to Message.
  b.Security.Mode = WSFederationHttpSecurityMode.Message;

  // Set the Algorithm Suite to Basic256Rsa15.
  b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;

  // Set NegotiateServiceCredential to true.
  b.Security.Message.NegotiateServiceCredential = true;

.NET Framework
Available since 3.0
Return to top
Show: