Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / October 2004

Tip: Looking for answers? Try searching our database.

add token to tokens collection vs. adding via a security element (eg EncryptedData)

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Julie Lerman - 28 Oct 2004 18:48 GMT
I know I've seen this explanation before and cannot find it.

I'm going on this assumption and hopefully I have this right.

If you are signing or encrypting with a security token, let's say an X509
token, you could add the token to the security.Tokens collection and also
use that token to create your element (let's say EncryptedData).

Or you can skip adding the token to the Tokens collection and only add it
through the EncryptedData element.

So given that my assumption is correct...what is the difference? When and
why would you use one method over the other? I thought Hervey explained part
of this. That WSE will first look in the element for the token and if it's
not there, go look in the tokens collection.

thanks

Julie
Reply to this Message
Julie Lerman - 28 Oct 2004 21:57 GMT
p.s.  this is not referring to using UsernameTokens and their
DerivedKeyTokens, by the way.

> I know I've seen this explanation before and cannot find it.
>
[quoted text clipped - 15 lines]
>
> Julie
Reply to this Message
Softwaremaker - 28 Oct 2004 22:55 GMT
> I know I've seen this explanation before and cannot find it.
>
[quoted text clipped - 6 lines]
> Or you can skip adding the token to the Tokens collection and only add it
> through the EncryptedData element.

[Softwaremaker] There is a slight difference in whether you are signing or
encrypting with a token,
Dont know if my blog here helps in answering your question
http://dotnetjunkies.com/WebLog/softwaremaker/archive/2004/10/20/29158.aspx
Therefore, if you are signing, i believe you need to add it to your token
collection.

> So given that my assumption is correct...what is the difference? When and
> why would you use one method over the other? I thought Hervey explained part
[quoted text clipped - 4 lines]
>
> Julie
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.