SecureConversationServiceCredential Class

 

Provides credential settings for a secure conversation service.

Namespace:   System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

System.Object
  System.ServiceModel.Security.SecureConversationServiceCredential

public sealed class SecureConversationServiceCredential

NameDescription
System_CAPS_pubpropertySecurityContextClaimTypes

Gets a collection of the Type claims for cookie serialization.

System_CAPS_pubpropertySecurityStateEncoder

Gets or sets a customized SecurityStateEncoder for encoding and decoding cookie serialization.

NameDescription
System_CAPS_pubmethodEquals(Object)

Determines whether the specified object is equal to the current object.(Inherited from Object.)

System_CAPS_pubmethodGetHashCode()

Serves as the default hash function. (Inherited from Object.)

System_CAPS_pubmethodGetType()

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_pubmethodToString()

Returns a string that represents the current object.(Inherited from Object.)

Secure conversations involve the exchange of multiple messages and use a Security Context Token (SCT) to ensure security. The SCT is shared among the communicating parties for the lifetime of a communications session. A service can issue two different kinds of SCTs:

  • The first is a session-based SCT that contains a unique id. Messages carry only the id, and the service maintains a state-mapping cache that maps between the SCT ids and contents (such as claims, security keys, and so on). A well-behaved client must send an SCT cancellation to help the service optimize the cache resources. If you instantiate this class by calling CreateSecureConversationBindingElement with the requireCancellation parameter equal to true, the SCT is issued in this manner.

  • The second is a self-contained SCT that resides in a cookie on the client. This SCT contains the entire state information, so requires neither state management from the service nor SCT cancellation from the client. This is sometimes called a "cookie-mode" SCT. Because the SCT contains the entire state information, its size is larger than in the session-based case. With session-based SCTs, the service stores much of the state information. However, because it is self-contained, it can be used across service lifetime and persists across service shutdown and restart.

.NET Framework
Available since 3.0

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show: