SecurityBindingElement Class

Definition

An abstract class that, when implemented, represents a binding element that supports channel SOAP message security.

public abstract class SecurityBindingElement : System.ServiceModel.Channels.BindingElement
Inheritance
SecurityBindingElement
Derived

Remarks

This class is the base class for the SOAP message security binding elements in WCF. There are three implementations of this abstract class: SymmetricSecurityBindingElement, AsymmetricSecurityBindingElement, and TransportSecurityBindingElement. These implementations model the bindings defined in the WS-Security Policy specification.

A custom binding contains a collection of binding elements arranged in a specific order: the element that represents the top of the binding stack is added first, the next element down in the binding stack is added second, and so on.

To add this class to a binding, do the following:

  1. Create a BindingElementCollection.

  2. Create a custom binding element that is above this binding element in the binding stack, such as the optional TransactionFlowBindingElement and ReliableSessionBindingElement.

  3. Add these elements in the order previously described to the BindingElementCollection using the InsertItem method.

  4. Create an instance of a security binding element derived from SecurityBindingElement, such as AsymmetricSecurityBindingElement, SymmetricSecurityBindingElement, or TransportSecurityBindingElement.

  5. Add the derived security binding element to the collection.

  6. Add any additional custom binding elements to the collection, such as TcpTransportBindingElement.

For more information about using a SecurityBindingElement, see SecurityBindingElement Authentication Modes and How to: Create a Custom Binding Using the SecurityBindingElement.

Note

Once a SecurityBindingElement object is created, you should treat its properties as immutable. Calling set on some properties may have unpredictable effects: the binding may behave as if the property retained its old value, with a runtime failure being the only indication of an issue. Two properties known to behave this way are KeyType and MessageSecurityVersion. There may be other properties of which this is also true.

Properties

AllowInsecureTransport

Gets or sets a value that indicates whether mixed-mode secured messages can be sent over an unsecured transport such as HTTP.

DefaultAlgorithmSuite

Gets or sets the message encryption and key-wrap algorithms.

EnableUnsecuredResponse

Gets or sets a value that indicates whether WCF can send and receive unsecured responses to secured requests.

EndpointSupportingTokenParameters

Gets the endpoint that supports token parameters.

IncludeTimestamp

Gets or sets a value that indicates whether time stamps are included in each message.

KeyEntropyMode

Gets or sets the source of entropy used to create keys.

LocalClientSettings

Gets the binding properties specific to local security settings used by the client.

LocalServiceSettings

Gets the binding properties specific to local security settings used by the service.

MessageSecurityVersion

Gets or sets the message security version.

OperationSupportingTokenParameters

Gets the collection of operation supporting token parameters.

OptionalEndpointSupportingTokenParameters

Gets the optional supporting token parameters for the service endpoint.

OptionalOperationSupportingTokenParameters

Gets the collection of optional operation supporting token parameters.

ProtectTokens

Gets or sets whether the security binding element protects tokens.

SecurityHeaderLayout

Gets or sets the ordering of the elements in the security header for this binding.

Methods

BuildChannelFactory<TChannel>(BindingContext)

Creates a channel factory based on the SecurityBindingElement settings and the binding context passed in. The channel factory created is a SOAP message security channel factory, which internally has a reference to the channel factory that corresponds to the binding context, (which includes the transport channel factory).

BuildChannelFactoryCore<TChannel>(BindingContext)

When implemented, creates a channel factory of a specified type.

BuildChannelListener<TChannel>(BindingContext)

Creates a channel listener based on the SecurityBindingElement settings and the binding context passed in.

BuildChannelListenerCore<TChannel>(BindingContext)

When implemented, creates a channel listener of a specified type.

CanBuildChannelFactory<TChannel>(BindingContext)

Determines whether a channel factory of the specified type can be built.

CanBuildChannelListener<TChannel>(BindingContext)

Determines whether a channel listener of the specified type can be built.

CreateAnonymousForCertificateBindingElement()

Creates a symmetric security binding element that is configured for anonymous client authentication and certificate-based server authentication.

CreateCertificateOverTransportBindingElement()

Creates a security binding element that expects clients to do certificate-based authentication using SOAP message security.

CreateCertificateOverTransportBindingElement(MessageSecurityVersion)

Creates a security binding element that expects clients to do certificate-based authentication using SOAP message security.

CreateCertificateSignatureBindingElement()

Creates a binding element using a certificate to sign messages. This binding element can be used only for one-way message exchanges and is capable only of signing the message.

CreateIssuedTokenBindingElement(IssuedSecurityTokenParameters)

Creates a symmetric security binding element that is configured to require client authentication using a symmetric-key based issued token.

CreateIssuedTokenForCertificateBindingElement(IssuedSecurityTokenParameters)

Creates a symmetric security binding element that is configured to require client authentication based on an issued token and server authentication based on the server certificate.

CreateIssuedTokenForSslBindingElement(IssuedSecurityTokenParameters, Boolean)

Creates a symmetric security binding element that is configured to require client authentication based on an issued token and server authentication based on the server certificate.

CreateIssuedTokenForSslBindingElement(IssuedSecurityTokenParameters)

Creates a symmetric security binding element that is configured to require client authentication based on an issued token and server authentication based on the server certificate.

CreateIssuedTokenOverTransportBindingElement(IssuedSecurityTokenParameters)

Creates a security binding element configured to require SOAP security based client authentication using an issued token. This binding element requires the transport to provide server authentication and message protection (for example, HTTPS).

CreateKerberosBindingElement()

Creates a symmetric security binding element that is configured to require client authentication based on the client's Kerberos token.

CreateKerberosOverTransportBindingElement()

Creates a security binding element that is configured to require SOAP-security based client authentication using the client's Kerberos token. This binding element requires the transport to provide server authentication and message protection (for example, HTTPS).

CreateMutualCertificateBindingElement()

Creates an asymmetric security binding element that is configured to require certificate-based client authentication as well as certificate-based server authentication.

CreateMutualCertificateBindingElement(MessageSecurityVersion)

Creates an asymmetric security binding element that is configured to require certificate-based client authentication as well as certificate-based server authentication.

CreateMutualCertificateBindingElement(MessageSecurityVersion, Boolean)

Creates an asymmetric security binding element that is configured to require certificate-based client authentication as well as certificate-based server authentication.

CreateMutualCertificateDuplexBindingElement()

Creates an asymmetric security binding element that is configured to require certificate-based client authentication as well as certificate-based server authentication. This authentication mode can be used to secure duplex message-exchange patterns and requires the service to be configured with the client certificate out of band.

CreateMutualCertificateDuplexBindingElement(MessageSecurityVersion)

Creates an asymmetric security binding element that is configured to require certificate-based client authentication as well as certificate-based server authentication. This authentication mode can be used to secure duplex message exchange patterns and requires the service to be configured with the client certificate out of band.

CreateSecureConversationBindingElement(SecurityBindingElement)

Creates a symmetric security binding element that is configured to establish a secure conversation between the client and service. The security context token issued at the end of the secure conversation handshake is used to secure the messages. The bootstrap security binding element specifies how the secure conversation handshake messages are secured.

CreateSecureConversationBindingElement(SecurityBindingElement, Boolean)

Creates a symmetric security binding element that is configured to establish a secure conversation between the client and service. The security context token issued at the end of the secure conversation handshake is used to secure the messages.

CreateSecureConversationBindingElement(SecurityBindingElement, Boolean, ChannelProtectionRequirements)

Creates a symmetric security binding element that is configured to establish a secure conversation between the client and service. The security context token issued at the end of the secure conversation handshake is used to secure the messages. The bootstrap security binding element specifies how the secure conversation handshake messages are secured.

CreateSslNegotiationBindingElement(Boolean, Boolean)

Creates a symmetric security binding element that does SOAP SSL negotiation, noting whether a client certificate and cancellation is required.

CreateSslNegotiationBindingElement(Boolean)

Creates a symmetric security binding element that is configured to do SOAP-level SSL negotiation between the client and server, noting whether a client certificate is required.

CreateSspiNegotiationBindingElement()

Creates a symmetric security binding element that does SOAP SSPI negotiation based on the Negotiate authentication package.

CreateSspiNegotiationBindingElement(Boolean)

Creates a symmetric security binding element that does SOAP SSPI negotiation based on the Negotiate authentication package.

CreateSspiNegotiationOverTransportBindingElement()

Creates a security binding element that is configured for client authentication based on SOAP SSPI negotiation using the Negotiate authentication package. The binding element requires the transport to provide server authentication and message protection (for example, HTTPS).

CreateSspiNegotiationOverTransportBindingElement(Boolean)

Creates a security binding element that is configured for client authentication based on SOAP SSPI negotiation using the Negotiate authentication package. The binding element requires the transport to provide server authentication and message protection (for example, HTTPS).

CreateUserNameForCertificateBindingElement()

Creates a symmetric security binding element that is configured to require user name- and password-based client authentication and certificate-based server authentication. The created binding element requires the client to be configured with a service certificate that is out-of-band before opening a communication channel with a service.

CreateUserNameForSslBindingElement()

Creates a symmetric security binding element that is configured to require user name- and password-based client authentication and certificate-based server authentication. The client authenticates the server using the SOAP-level SSL protocol.

CreateUserNameForSslBindingElement(Boolean)

Creates a symmetric security binding element that is configured to require user name- and password-based client authentication and certificate-based server authentication. The client authenticates the server using the SOAP-level SSL protocol.

CreateUserNameOverTransportBindingElement()

Creates a security binding element that is configured for client authentication based on a user name and password sent as part of the SOAP message. The binding element requires the transport to provide server authentication and message protection (for example, HTTPS).

GetProperty<T>(BindingContext)

Gets a specified object using the specified BindingContext.

SetIssuerBindingContextIfRequired(SecurityTokenParameters, BindingContext)

Sets the key for the token requirement property whose value is the BindingContext used to talk to the issuing party if the requirement is for an issued token.

SetKeyDerivation(Boolean)

Sets a value that indicates whether derived keys are required.

ToString()

Returns a description of this class.

Equals(Object) Inherited from Object
Equals(Object, Object) Inherited from Object
GetHashCode() Inherited from Object
GetType() Inherited from Object
MemberwiseClone() Inherited from Object
ReferenceEquals(Object, Object) Inherited from Object
Clone() Inherited from BindingElement

Applies to