SecurityTokenServiceClient.VerifyResponsePolicy Method
Verifies that the response from the security token service has encrypted and signed the appropriate elements.
Namespace: Microsoft.Web.Services2.Security
Assembly: Microsoft.Web.Services2 (in microsoft.web.services2.dll)
Usage
'Usage
Public Class securityTokenServiceClientImplementation
Inherits SecurityTokenServiceClient
Protected Overrides Sub VerifyResponsePolicy(request As SecurityTokenMessage, _
response As RequestSecurityTokenResponse)
MyBase.VerifyResponsePolicy(request, response)
End Sub
End Class
Syntax
'Declaration
Protected Overridable Sub VerifyResponsePolicy( _
ByVal request As SecurityTokenMessage, _
ByVal response As RequestSecurityTokenResponse _
)
protected virtual void VerifyResponsePolicy(
SecurityTokenMessage request,
RequestSecurityTokenResponse response
);
protected: Void VerifyResponsePolicy(
SecurityTokenMessage^ request,
RequestSecurityTokenResponse^ response
);
protected void VerifyResponsePolicy(
SecurityTokenMessage request,
RequestSecurityTokenResponse response
);
protected function VerifyResponsePolicy(
request : SecurityTokenMessage,
response : RequestSecurityTokenResponse
);
Parameters
- request
A SecurityTokenMessage that represents the request made to the security token service.
- response
A RequestSecurityTokenResponse that represents the response from the security token service.
Exceptions
| Exception type | Condition |
|---|---|
| System.ArgumentNullException | request is null. -or- response is null. |
| TrustFault | response contains an <Entropy> element, which contains the requested entropy value, and the request does not contain an <Entropy> element. -or- response contains an entropy value that is less than 16 bytes long. -or- response contains an entropy value that is not encrypted using the entropy value sent in the request. -or- response contains a <ProofToken> element, which contains the requested security token that is not encrypted using the security token that signed the request. -or- response contains an <Entropy> element and the response is not signed using the same token that encrypted the requestor's entropy value. -or- The <Body> element of response , timestamp, or WS-Addressing headers are not signed. -or- The <Body> element of response is signed more than once. -or- response does not contain a timestamp. |
Remarks
The RequestSecurityToken method calls the VerifyResponsePolicy method.
The VerifyResponsePolicy method calls the VerifyResponseConfidentiality and VerifyResponseIntegrity methods.
Thread Safety
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Platforms
Development Platforms
Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Windows Longhorn, and Windows 2000
Target Platforms
Windows 2000, Windows 2000 Server, Windows 2000 Advanced Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Windows Longhorn, Pocket PC, Windows CE, Smart Phone
See Also
Reference
SecurityTokenServiceClient Class
Microsoft.Web.Services2.Security Namespace