none
Durable Issued Token RRS feed

  • Question

  • Hi,

    Went through DurableIssued Token documentation in MSDN, however was not able to capture basic need for DurableIssued Token. Can someone through more light on this.

    To my understanding, DurableIssuedToken is used to cache the Security Token issued by Security Service either in InMemory cache or File Cache. So whenever Channel is created or proxy is created and opended the below steps are fallowed:

    1. Client will create DurableIssuedTokenCredentails with certificate information and goes for ClientSecurityTokenProvider, where  WCF infrastructure takes care of sending username and password to Secuirty Service in case of Federation binding.

    2. security service performs authentication, create a Security Token with claims information .

    3. Client receives GenericXmlToken and places them in cache.

    Question is  what is the use of placing GenricXmlSecurity Token in cache? Does that help WCF infrastructure in reusing the security token again and again for each subsequent calls to Fedeartion service until proxy or channel is closed.


    Tuesday, December 24, 2013 6:21 AM

Answers

  • Hi,

    I am sorry for the late reply.

    Durable Issued Token in Windows Communication Foundation (WCF) is used to supply credentials to the security infrastructure. The token provider in general examines the target and issues appropriate credentials so that the security infrastructure can secure the message. WCF ships with a CardSpace token provider.

    For more information, please try to refer to:
    #Durable Issued Token:
    http://msdn.microsoft.com/en-us/library/aa717045(v=vs.110).aspx .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    • Marked as answer by XXX_K Friday, January 3, 2014 12:37 PM
    Thursday, January 2, 2014 2:56 AM
    Moderator

All replies

  • Question is  what is the use of placing GenricXmlSecurity Token in cache? Does that help WCF infrastructure in reusing the security token again and again for each subsequent calls to Fedeartion service until proxy or channel is closed.

    Hi,

    We will use the GenericXmlSecurityToken class when we receive a token over the wire that is not defined in a specification or there is no way for us to determine the type of the security token. For example, in a federation scenario when you send a Request Security Token (RST) to a Security Token Service (STS) you do not always know the type of the security token returned by the STS. In such cases, you can use a GenericXmlSecurityToken to store the security token as XML along with its internal and external references.

    Also use the GenericXmlSecurityToken class to define claims using XML when one of the built-in security tokens does not suffice. Other security tokens can define their claims using XML, however the GenericXmlSecurityToken security token generically allows a security token to have an application-defined set of XML.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, December 26, 2013 2:20 AM
    Moderator
  • Hi,

    Thank you very much for replying back and definitely your answer is throwing more insight towards security token service concept. Can you please provide more information regarding Durable Issued Token,

    1. Why would we need to go for Durable Issued Token.

    2. Also will Durable issued token placed in in memory cache or File cache is used across channels or proxys.

    3. If its not being used across proxys or channels whats the use of Durable issued token

    Any blogs or Books you would suggest to get to know about the internals of Sesurity Token Service and Federation binding and its concepts.

    I will definitely mark this as answer after the next  communication.

    Thursday, December 26, 2013 5:09 AM
  • Hi,

    I am sorry for the late reply.

    Durable Issued Token in Windows Communication Foundation (WCF) is used to supply credentials to the security infrastructure. The token provider in general examines the target and issues appropriate credentials so that the security infrastructure can secure the message. WCF ships with a CardSpace token provider.

    For more information, please try to refer to:
    #Durable Issued Token:
    http://msdn.microsoft.com/en-us/library/aa717045(v=vs.110).aspx .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    • Marked as answer by XXX_K Friday, January 3, 2014 12:37 PM
    Thursday, January 2, 2014 2:56 AM
    Moderator
  • Hi,

    Thanks for replaying. I went through the documentation, what is the basic difference between Durable Issued Token and any normal token.

    Thanks

    Friday, January 3, 2014 12:37 PM