Share via


Creating Custom Security Tokens

Although the Web Services Enhancements for Microsoft .NET (WSE) natively supports X.509 certificates, Security Context Tokens, Kerberos tickets, and user name tokens, WSE is flexible enough to allow you to use your own custom binary and XML security credentials.

To use your own custom security credentials, you must create two classes. The first class, which encapsulates the custom security credentials, must derive from the BinarySecurityToken class for binary security credentials and from the SecurityToken class for XML security credentials. The second class, which manages the security token, must derive from the SecurityTokenManager class. After the two classes are created, SOAP senders can use the custom security token to encrypt and sign SOAP messages. However, in order for SOAP receivers to decrypt or verify the SOAP messages, the security token manager must be registered in the recipient's configuration file so that WSE can call it to parse the XML and populate a security token.

In This Section