編輯

共用方式為


FederatedMessageSecurityOverHttp.NegotiateServiceCredential Property

Definition

Specifies whether a message level SSL negotiation is done to obtain the service's certificate.

public:
 property bool NegotiateServiceCredential { bool get(); void set(bool value); };
public bool NegotiateServiceCredential { get; set; }
member this.NegotiateServiceCredential : bool with get, set
Public Property NegotiateServiceCredential As Boolean

Property Value

true if the service certificate is negotiated; false if the service certificate is available out of band. The default is true.

Examples

The following code shows how to access this property from the binding, and set it.

// This method creates a WSFederationHttpBinding.
public static WSFederationHttpBinding
    CreateWSFederationHttpBinding(bool isClient)
{
  // Create an instance of the WSFederationHttpBinding.
  WSFederationHttpBinding b = new WSFederationHttpBinding();

  // Set the security mode to Message.
  b.Security.Mode = WSFederationHttpSecurityMode.Message;

  // Set the Algorithm Suite to Basic256Rsa15.
  b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;

  // Set NegotiateServiceCredential to true.
  b.Security.Message.NegotiateServiceCredential = true;
' This method creates a WSFederationHttpBinding.
Public Shared Function CreateWSFederationHttpBinding(ByVal isClient As Boolean) As WSFederationHttpBinding
  ' Create an instance of the WSFederationHttpBinding.
  Dim b As New WSFederationHttpBinding()

  ' Set the security mode to Message.
  b.Security.Mode = WSFederationHttpSecurityMode.Message

  ' Set the Algorithm Suite to Basic256Rsa15.
  b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15

  ' Set NegotiateServiceCredential to true.
  b.Security.Message.NegotiateServiceCredential = True

Remarks

This property indicates whether the service certificate is negotiated automatically between the client and the service. If this property is true, then such negotiation occurs. If this property is false, then the service certificate must be specified at the client before communication with the service can occur.

Services must always specify a certificate.

If this property is true, the message level SSL negotiation for the service certificate occurs before the security token service specified via the IssuerAddress and IssuerBinding properties (or LocalIssuerAddress and LocalIssuerBinding properties) is requested to issue a security token.

Applies to