Extending Security

To accommodate new claim types and custom tokens, you can extend the security infrastructure of Windows Communication Foundation (WCF). The topics in this section show you how this is done.

In This Section

Custom Credential and Credential Validation
Explains how the Identity Model is used when validating custom credentials.

Custom Tokens
Issued tokens from a Security Token Service (STS) are typically SAML tokens. This topic explains how to create a custom token type.

Custom Authorization
Explains how to implement custom authorization.

Overriding the Identity of a Service for Authentication
Describes how to override the identity of a service for authentication.

How to: Create a Custom Client Identity Verifier
Demonstrates how to validate a custom endpoint identity.

How to: Use Separate X.509 Certificates for Signing and Encryption
Messages are typically signed and encrypted with a single certificate. This topic explains how two certificates can be used, when required.

How to: Change the Cryptographic Provider for an X.509 Certificate's Private Key
Explains how to change the cryptographic provider used to provide an X.509 certificate's private key and how to integrate the provider into the Windows Communication Foundation (WCF) framework.

Reference

ServiceAuthorizationManager

System.ServiceModel.Security

System.IdentityModel.Claims

System.IdentityModel.Policy

System.IdentityModel.Tokens

System.IdentityModel.Selectors

Related Sections

Security

Basic WCF Programming

See also

• Security Overview