

<securityTokenManager> Element

Specifies the user-supplied custom security token managers for XML-based security tokens within an application domain.

<microsoft.web.services3> Element
  <security> Element

<securityTokenManager>
  <add localName namespace type />
  <remove localName namespace />
  <clear />
</securityTokenManager>

Attributes and Elements

Attributes

None

Child Elements

Element Description

<add> Element for <securityTokenManager>

Adds a user-supplied custom security token manager for an XML-based security token within the application domain.

<remove> Element for <securityTokenManager>

Removes a user-supplied custom security token manager for an XML-based security token within the application domain.

<clear> Element for <securityTokenManager>

Clears all user-supplied custom security token managers for XML-based security tokens within an application domain.

Parent Elements

Element Description

<security> Element

Controls the security settings for a WSE application.

Remarks

When WSE receives a security token that it does not natively support, it checks whether a security token manager has been configured to handle that type of security token. WSE looks for an <add> element under <securityTokenManager> whose localName attribute matches the element that represents the security token within the WS-Security SOAP header. When there is a match, WSE calls the type specified in the type attribute of the <add> element to handle the security token.

Similarly, the <add> element can be used to register security token managers that override the default behavior of natively supported security tokens. For example, say you are using UsernameToken security tokens and you do not want WSE to authenticate the user name and password against a Windows user account. You can create and register a custom security token manager that authenticates the user name using a database of user name and password combinations. For more information about using UsernameToken security tokens, see How to: Verify Digital Signatures of SOAP Messages Signed Using a User Name and Password.

Before adding the <securityTokenManager> element to a configuration file, you must add the microsoft.web.services3 configuration section handler to the configuration file. For more information, see <section> Element.

Example

The following code example specifies a type to call when UsernameToken security tokens are received.

<configuration>
  <microsoft.web.services3>
    <security> 
      <securityTokenManager>
        <add localName="UsernameToken"
             type="CustomSecurityNamespace.CustomSecurityClass, AssemblyName" 
             namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
      </securityTokenManager>
    </security>
  </microsoft.web.services3>
</configuration>
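
The class named in the type attribute above could look like the following. This is an added sketch, not code from the original page: it implements the database-backed UsernameToken scenario described in the Remarks by deriving from WSE's UsernameTokenManager. The in-memory Credentials dictionary and its entry are constructed stand-ins for a real credential store.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;
using System.Xml;
using Microsoft.Web.Services3.Security.Tokens;

namespace CustomSecurityNamespace
{
    // Matches type="CustomSecurityNamespace.CustomSecurityClass, AssemblyName"
    // in the configuration example.
    public class CustomSecurityClass : UsernameTokenManager
    {
        // Constructed sample data standing in for the credential database.
        // A real deployment would query a protected store instead.
        private static readonly Dictionary<string, string> Credentials =
            new Dictionary<string, string>(StringComparer.Ordinal)
            {
                { "alice", "constructed-sample-password" }
            };

        public CustomSecurityClass() { }

        // WSE passes any child nodes of the <add> element to this constructor.
        public CustomSecurityClass(XmlNodeList configData) : base(configData) { }

        // WSE calls this for each incoming UsernameToken. The method returns
        // the password on record for the user; WSE compares it with the
        // password (or password digest) carried in the token and rejects
        // the message when they do not match.
        protected override string AuthenticateToken(UsernameToken token)
        {
            if (token == null)
                throw new ArgumentNullException("token");

            string storedPassword;
            if (string.IsNullOrEmpty(token.Username) ||
                !Credentials.TryGetValue(token.Username, out storedPassword))
            {
                // Same message for every failure, so the response does not
                // reveal whether the user name exists.
                throw new UnauthorizedAccessException("Authentication failed.");
            }

            // Attach an identity that is independent of Windows accounts.
            token.Principal = new GenericPrincipal(
                new GenericIdentity(token.Username), new string[0]);

            return storedPassword;
        }
    }
}
```

Because WSE performs the comparison itself, the store has to yield the same secret the client used to build the token, so protect that store accordingly.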

See Also

Tasks

How to: Create a Security Token Manager for a Custom Security Token

Reference

<cacheLimit> Element