3.1.1.1 GetProxyTrustConfiguration

The client calls this method to get the information required by the client to verify security tokens issued by the server to the client using the protocol specified in [MS-MWBF]. The following data is used in the client's request sent to the server and in the server's response sent to the client.

 Name

 Description

 Corresponding message parameter

Client Policy GUID

This is a globally unique identifier for the policy that is held by the client at the time of a GetProxyTrustConfiguration request.

Request: <GUID> element

Server Policy GUID

This is a globally unique identifier for the policy that is maintained by the server at the time of issuing a GetProxyTrustConfiguration response.

Response: <GUID> element

Client Policy Version

This is a version number for the policy that is held by the client at the time of a GetProxyTrustConfiguration request.

Request: <Version> element

Server Policy Version

This is a version number for the policy that is maintained by the server at the time of issuing a GetProxyTrustConfiguration response.

Response: <Version> element

Hosted Realm URI

This is an identifier for the server. This URI is used in security tokens to identify the server as the issuer of the security token.

Response: <HostedRealmUriStr>

Login Service URL

This is the URL that client SHOULD redirect service requests to using the protocol specified in [MS-MWBF].

Response: <LsUrlStr>

Cookie Path

This is the cookie path per [RFC2965] to use when issuing cookies from the proxy.

Response: <CookiePath>

Suppress Realm Cookie

If true, this parameter indicates that the user’s security realm selection SHOULD NOT be cached in a [RFC2965] cookie.

Response: <SuppressRealmCookie>

Realm Cookie Lifetime

This parameter dictates the lifetime of a [RFC2965] cookie for caching the user’s security realm selection.

Response: <RealmCookieLifetime>

List of Security Realm Specific Data

This parameter contains a list of the security realm specific data described in the following table.

Response: <trustConfig>

The following table contains a list of possible values for the List of Security Realm Specific Data parameter in the GetProxyTrustConfiguration method.

 Name

 Description

 Corresponding message parameter

Security Realm Type

All security realms with a Trust Type not equal to "TrustedRealm" are ignored.

Response: <trustType>

Security Realm Display Name

The Trust Display Name is the name to display to users who are choosing a security realm.

Response: <trustDisplayName>

Security Realm URI

The Trust URI is the internal identifier of the security realm.

Response: <trustUri>

Security Realm Login Service URL

The Trust Login Service URL is the URL to which users SHOULD be directed when they select the security realm.

Response: <trustLsUrl>

Acceptable Authentication Methods for Security Realm

The Acceptable Authentication Methods for Security Realm is a list of URIs that identify acceptable methods of authentication for the security realm. The list of method URIs is included with the requests to the security realm using the wauth parameter described in [MS-MWBF] section 2.2.3.

Response: <acceptableAuthenticationMethodStrings>

Show: