This documentation is archived and is not being maintained.

SecurityStateEncoder Class

An abstract class that can be implemented to encode the security state.

Namespace:  System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public abstract class SecurityStateEncoder

The SecurityStateEncoder type exposes the following members.

Protected methodSecurityStateEncoderInitializes a new instance of the SecurityStateEncoder class.

Protected methodDecodeSecurityStateInfrastructure. Decodes the security state.
Protected methodEncodeSecurityStateInfrastructure. Encodes the security state.
Public methodEquals(Object)Determines whether the specified Object is equal to the current Object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetHashCodeServes as a hash function for a particular type. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)

This class is used to encode and decode the content of the security context token when a binding with message security that uses a stateful security context token is used. For more information about stateful security context tokens, see How To: Create a Stateful Security Context Token for a Secure Session topic.

Microsoft’s version of SecurityStateEncoder is DataProtectionSecurityStateEncoder. It uses Microsoft’s Windows Data Protection (DPAPI) technology to encrypt/decrypt the cookie. You can plug in a different mechanism for encrypting and decrypting cookies by implementing this class.

The encoding of the security state must ensure that the state is signed and encrypted for the service.

This class is used by the server when sending the security state as a cookie in the SecurityContextToken issued to the client.

An example implementation of this class is an X509CertificateSecurityStateEncoder that uses the service's certificate to sign and encrypt the security state.

.NET Framework

Supported in: 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.