Delen via


Secure Sessions

A feature of Windows Communication Foundation (WCF) is reliable sessions that guarantee messages are received in the order they were sent. The topics in this section discuss the security implications to consider when creating a reliable session. For more information about reliable sessions, see Using Sessions.

Note

When impersonation is required on Windows XP, use a secure session without a stateful security context token (SCT). When stateful SCTs are used with impersonation, an InvalidOperationException is thrown. For more information, see Unsupported Scenarios.

In This Section

Secure Conversations and Secure Sessions

Secure conversations and secure sessions are synonymous. This topic explains the way a secure conversation works, and when and why to use the pattern.

How to: Create a Secure Session

Walks through of the basics of creating a secure session.

How to: Create a Security Context Token for a Secure Session

Walks through the steps of creating a Web farm that will maintain state and sessions with clients.

Security Considerations for Secure Sessions

Describes special considerations for secure sessions.

Reference

System.ServiceModel

System.ServiceModel.Channels

Sessions, Instancing, and Concurrency

Designing and Implementing Services

See Also

Tasks

How to: Enable Message Replay Detection
How to: Create a Service That Requires Sessions

Concepts

Replay Attacks

Build Date: 2011-06-25