The following code fragment shows the LoginByTokenSample class method GetSecurityPolicyAssertionForHokToken. The method returns a CustomSecurityAssertionHok instance which overrides the .NET class SecurityPolicyAssertion. The security assertion contains the SAML token and the X509 certificate token. This code is taken from the LoginByToken project file samples/LoginByToken/CustomSecurityAssertionHok.cs.
Setting Up Security Policies
private SecurityPolicyAssertion
GetSecurityPolicyAssertionForHokToken(XmlElement xmlToken)
{
//When this property is set to true, client requests that use the POST method
//expect to receive a 100-Continue response from the server to indicate that
//the client should send the data to be posted. This mechanism allows clients
//to avoid sending large amounts of data over the network when the server,
//based on the request headers, intends to reject the request
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
X509Certificate2 certificateToBeAdded = new X509Certificate2();
string certificateFile = ConfigurationManager.AppSettings["PfxCertificateFile"];
string password = ConfigurationManager.AppSettings["PfxCertificateFilePassword"];
certificateToBeAdded.Import(certificateFile,
password ?? string.Empty,
X509KeyStorageFlags.MachineKeySet);
var customSecurityAssertion = new CustomSecurityAssertionHok();
customSecurityAssertion.BinaryToken = xmlToken;
customSecurityAssertion.TokenType = strSamlV2TokenType;
customSecurityAssertion.SecurityToken = new X509SecurityToken(certificateToBeAdded);
return customSecurityAssertion;
}
