ServiceCredentialsSecurityTokenManager.CreateSecurityTokenProvider Method

Reference

Definition

Namespace:: System.ServiceModel.Security

Assembly:: System.ServiceModel.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Creates a security token provider based on the SecurityTokenRequirement.

public:
 override System::IdentityModel::Selectors::SecurityTokenProvider ^ CreateSecurityTokenProvider(System::IdentityModel::Selectors::SecurityTokenRequirement ^ requirement);

public override System.IdentityModel.Selectors.SecurityTokenProvider CreateSecurityTokenProvider (System.IdentityModel.Selectors.SecurityTokenRequirement requirement);

override this.CreateSecurityTokenProvider : System.IdentityModel.Selectors.SecurityTokenRequirement -> System.IdentityModel.Selectors.SecurityTokenProvider

Public Overrides Function CreateSecurityTokenProvider (requirement As SecurityTokenRequirement) As SecurityTokenProvider

Parameters

requirement: SecurityTokenRequirement

The security token requirement.

Returns

SecurityTokenProvider

The security token provider.

Exceptions

ArgumentNullException

requirement is null.

NotSupportedException

A security token provider cannot be created for the requirement that was passed in.

Examples

The following code shows how to override this method.

internal class MyServiceCredentialsSecurityTokenManager :
    ServiceCredentialsSecurityTokenManager
{
    MyServiceCredentials credentials;

    public MyServiceCredentialsSecurityTokenManager(
        MyServiceCredentials credentials)
        : base(credentials)
    {
        this.credentials = credentials;
    }

    public override SecurityTokenProvider CreateSecurityTokenProvider(
        SecurityTokenRequirement requirement)
    {
        SecurityTokenProvider result = null;
        if (requirement.TokenType == SecurityTokenTypes.X509Certificate)
        {
            MessageDirection direction = requirement.
                GetProperty<MessageDirection>(
                ServiceModelSecurityTokenRequirement.
                MessageDirectionProperty);
            if (direction == MessageDirection.Input)
            {
                if (requirement.KeyUsage == SecurityKeyUsage.Exchange)
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ServiceEncryptingCertificate);
                }
                else
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ClientSigningCertificate);
                }
            }
            else
            {
                if (requirement.KeyUsage == SecurityKeyUsage.Signature)
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ServiceSigningCertificate);
                }
                else
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ClientEncryptingCertificate);
                }
            }
        }
        else
        {
            result = base.CreateSecurityTokenProvider(requirement);
        }
        return result;
    }
}

Friend Class MyServiceCredentialsSecurityTokenManager
    Inherits ServiceCredentialsSecurityTokenManager
    Private credentials As MyServiceCredentials

    Public Sub New(ByVal credentials As MyServiceCredentials)
        MyBase.New(credentials)
        Me.credentials = credentials
    End Sub

    Public Overrides Function CreateSecurityTokenProvider(ByVal requirement As SecurityTokenRequirement) As SecurityTokenProvider
        Dim result As SecurityTokenProvider = Nothing
        If requirement.TokenType = SecurityTokenTypes.X509Certificate Then
            Dim direction As MessageDirection = requirement. GetProperty(Of MessageDirection)(ServiceModelSecurityTokenRequirement. MessageDirectionProperty)
            If direction = MessageDirection.Input Then
                If requirement.KeyUsage = SecurityKeyUsage.Exchange Then
                    result = New X509SecurityTokenProvider(credentials.ServiceEncryptingCertificate)
                Else
                    result = New X509SecurityTokenProvider(credentials.ClientSigningCertificate)
                End If
            Else
                If requirement.KeyUsage = SecurityKeyUsage.Signature Then
                    result = New X509SecurityTokenProvider(credentials.ServiceSigningCertificate)
                Else
                    result = New X509SecurityTokenProvider(credentials.ClientEncryptingCertificate)
                End If
            End If
        Else
            result = MyBase.CreateSecurityTokenProvider(requirement)
        End If
        Return result
    End Function
End Class

Remarks

The SecurityTokenProvider class is responsible for obtaining tokens for a given ServiceModelSecurityTokenRequirement. Optionally, token providers can support renewing and canceling tokens as well. The token provider can cache tokens if it is configured to do so.

Applies to