How to: Use Multiple Security Tokens of the Same Type
In .NET Framework 3.0, a client message only contained one token of any given type. Now client messages can contain multiple tokens of a type. This topic shows how to include multiple tokens of the same type in a client message.
Note that you cannot configure a service in this way: a service can contain only one supporting token.
To use multiple security tokens of the same type
Create an empty binding element collection to be populated.
// Create an empty BindingElementCollection to populate, // then create a custom binding from it. BindingElementCollection bec = new BindingElementCollection();
Create a SecurityBindingElement by calling CreateMutualCertificateBindingElement.
SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();
Create a SupportingTokenParameters collection.
SupportingTokenParameters supportParams = new SupportingTokenParameters();
Add SAML tokens to the collection.
// Two supporting SAML tokens are being added. supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1)); supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
Add the collection to the SecurityBindingElement.
((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
Add binding elements to the binding element collection.
bec.Add(sbe); bec.Add(new TextMessageEncodingBindingElement()); bec.Add(new HttpTransportBindingElement());
Return a new custom binding created from the binding element collection.
// Create a CustomBinding and return it; otherwise, return null. return new CustomBinding(bec);
Example
The following is the entire method described by the preceding procedure.
// This method creates a CustomBinding that includes two tokens of a given type.
public static Binding CreateCustomBinding(EndpointAddress issuerEndpointAddress1, Binding issuerBinding1, EndpointAddress issuerEndpointAddress2, Binding issuerBinding2)
{
// Create an empty BindingElementCollection to populate,
// then create a custom binding from it.
BindingElementCollection bec = new BindingElementCollection();
SecurityBindingElement sbe = SecurityBindingElement.CreateMutualCertificateBindingElement();
SupportingTokenParameters supportParams = new SupportingTokenParameters();
// Two supporting SAML tokens are being added.
supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress1, issuerBinding1));
supportParams.SignedEndorsing.Add(new IssuedSecurityTokenParameters("samlTokenType", issuerEndpointAddress2, issuerBinding2));
((SymmetricSecurityBindingElement)sbe).OperationSupportingTokenParameters.Add("*", supportParams);
bec.Add(sbe);
bec.Add(new TextMessageEncodingBindingElement());
bec.Add(new HttpTransportBindingElement());
// Create a CustomBinding and return it; otherwise, return null.
return new CustomBinding(bec);
}
See Also
Concepts
© 2007 Microsoft Corporation. All rights reserved.
Last Published: 2010-03-21