Flow for establishing a security context token to secure reliable messaging
This example scenario includes functions that are required for the composite scenario of Web Services Reliable Messaging (WS-ReliableMessaging), WS-SecureConversation, and WS-Trust. The scenario describes how to use WS-SecureConversation with WS-ReliableMessaging, the scenario is described from the WS-SecureConversation perspective.
The flow of this Web Services Reliable Messaging (WS-ReliableMessaging) scenario is very similar to the flow of the WS-SecureConversation scenario, and the exchange of the application messages is very similar to the Secure Conversation scenarios. The main difference in the two example scenarios is that the WS-ReliableMessaging sequence is secured with the security context token and scopes the WS-ReliableMessaging sequence to the security context token.
The following figure describes a summary of the message flows that are required to establish a security context token to secure reliable messaging.

Scenario
The WS-ReliableMessaging sequence is secured with the security context token and is scoping the WS-ReliableMessaging sequence to the security context token. This scenario focuses on the message exchanges that are using the security context token in the overall flow.
Typically, to use secure conversation and a security context token to secure reliable messaging, the following steps are involved;
- The WS-ReliableMessaging
run time calls APIs from the Web Services
Security run time to get the UUID of the security context token for
the session and also the API for serializing and deserializing the
security context token for managed persistent for reliable recovery.
Because of the security nature of the security context token, the WS-ReliableMessaging protocol makes sure that the serialized security context token in persistent store is protected.
- If there is already a security
context token established the UUID
of the existing security context token is returned to WS-ReliableMessaging.
If there is no security context token already established, the Web
Services Security run time initiates a call to the recipient to establish
the security context token.
The latter case is similar to the Secure Conversation scenario.
- After the WS-ReliableMessaging
run time acquires the UUID of the
security context token, the WS-ReliableMessaging run time scopes the
CreateSequence message to the security context token by using the
SecurityTokenReference (STR) argument in the CreateSequence message
and responds with the CreateSequenceResponse message.
The exchange of the application messages is very similar to the WS-SecureConversation scenario.
- The WS-ReliableMessaging run time responds with
the CreateSequenceResponse
message.
The exchange of the messages is very similar to the exchange in the WS-SecureConversation scenario.
- The WS-ReliableMessaging run time sends a SequenceAcknowledgement message to acknowledge that the message is properly delivered and secured by the security context token.
- Finally, the WS-ReliableMessaging run time sends a TerminateSequence message to terminate the sequence and is secured by the security context token.