This documentation is archived and is not being maintained.

WSFederationHttpSecurity.Message Property

Indicates the message security settings for the WSFederationHttpBinding.

Namespace:  System.ServiceModel
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public FederatedMessageSecurityOverHttp Message { get; }

The object returned specifies detailed message-level security properties for the wsFederationHttpBinding.

The following code shows how to access this property and use it to set properties of the wsFederationHttpBinding.

	// This method creates a WSFederationHttpBinding. 
	public static WSFederationHttpBinding 
        CreateWSFederationHttpBinding(bool isClient)
	{
	  // Create an instance of the WSFederationHttpBinding.
	  WSFederationHttpBinding b = new WSFederationHttpBinding();

	  // Set the security mode to Message.
	  b.Security.Mode = WSFederationHttpSecurityMode.Message;
	  
	  // Set the Algorithm Suite to Basic256Rsa15.
	  b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;

	  // Set NegotiateServiceCredential to true.
	  b.Security.Message.NegotiateServiceCredential = true;

	  // Set IssuedKeyType to Symmetric.
	  b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey;

	  // Set IssuedTokenType to SAML 1.1
	  b.Security.Message.IssuedTokenType = 
          "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1";

	  // Extract the STS certificate from the certificate store.
	  X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
	  store.Open(OpenFlags.ReadOnly);
	  X509Certificate2Collection certs = store.Certificates.Find(
          X509FindType.FindByThumbprint, "0000000000000000000000000000000000000000", false);
	  store.Close();
	  
	  // Create an EndpointIdentity from the STS certificate.
	  EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity ( certs[0] );
	  
	  // Set the IssuerAddress using the address of the STS and the previously created  
      // EndpointIdentity.
	  b.Security.Message.IssuerAddress = 
          new EndpointAddress(new Uri("http://localhost:8000/sts/x509"), identity);

	  // Set the IssuerBinding to a WSHttpBinding loaded from configuration.  
      // The IssuerBinding is only used on federated clients. 
      if (isClient)
      {
          b.Security.Message.IssuerBinding = new WSHttpBinding("Issuer");
      }

      // Set the IssuerMetadataAddress using the metadata address of the STS and the 
      // previously created EndpointIdentity. The IssuerMetadataAddress is only used  
      // on federated services. 
      else
      {
          b.Security.Message.IssuerMetadataAddress =
              new EndpointAddress(new Uri("http://localhost:8001/sts/mex"), identity);
      }

      // Create a ClaimTypeRequirement.
	  ClaimTypeRequirement ctr = new ClaimTypeRequirement 
          ("http://example.org/claim/c1", false);

	  // Add the ClaimTypeRequirement to ClaimTypeRequirements
	  b.Security.Message.ClaimTypeRequirements.Add(ctr);
	  
	  // Return the created binding 
	  return b;
	}

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0
Show: