3.1.1.1 GetProxyTrustConfiguration
The client calls this method to get the information required by the client to verify security tokens issued by the server to the client using the protocol specified in [MS-MWBF]. The following data is used in the client's request sent to the server and in the server's response sent to the client.
|
Name |
Description |
Corresponding message parameter |
|---|---|---|
|
Client Policy GUID |
This is a globally unique identifier for the policy that is held by the client at the time of a GetProxyTrustConfiguration request. |
Request: <GUID> element |
|
Server Policy GUID |
This is a globally unique identifier for the policy that is maintained by the server at the time of issuing a GetProxyTrustConfiguration response. |
Response: <GUID> element |
|
Client Policy Version |
This is a version number for the policy that is held by the client at the time of a GetProxyTrustConfiguration request. |
Request: <Version> element |
|
Server Policy Version |
This is a version number for the policy that is maintained by the server at the time of issuing a GetProxyTrustConfiguration response. |
Response: <Version> element |
|
Hosted Realm URI |
This is an identifier for the server. This URI is used in security tokens to identify the server as the issuer of the security token. |
Response: <HostedRealmUriStr> |
|
Login Service URL |
This is the URL that client SHOULD redirect service requests to using the protocol specified in [MS-MWBF]. |
Response: <LsUrlStr> |
|
Cookie Path |
This is the cookie path per [RFC2965] to use when issuing cookies from the proxy. |
Response: <CookiePath> |
|
Suppress Realm Cookie |
If true, this parameter indicates that the user’s security realm selection SHOULD NOT be cached in a [RFC2965] cookie. |
Response: <SuppressRealmCookie> |
|
Realm Cookie Lifetime |
This parameter dictates the lifetime of a [RFC2965] cookie for caching the user’s security realm selection. |
Response: <RealmCookieLifetime> |
|
List of Security Realm Specific Data |
This parameter contains a list of the security realm specific data described in the following table. |
Response: <trustConfig> |
The following table contains a list of possible values for the List of Security Realm Specific Data parameter in the GetProxyTrustConfiguration method.
|
Name |
Description |
Corresponding message parameter |
|---|---|---|
|
Security Realm Type |
All security realms with a Trust Type not equal to "TrustedRealm" are ignored. |
Response: <trustType> |
|
Security Realm Display Name |
The Trust Display Name is the name to display to users who are choosing a security realm. |
Response: <trustDisplayName> |
|
Security Realm URI |
The Trust URI is the internal identifier of the security realm. |
Response: <trustUri> |
|
Security Realm Login Service URL |
The Trust Login Service URL is the URL to which users SHOULD be directed when they select the security realm. |
Response: <trustLsUrl> |
|
Acceptable Authentication Methods for Security Realm |
The Acceptable Authentication Methods for Security Realm is a list of URIs that identify acceptable methods of authentication for the security realm. The list of method URIs is included with the requests to the security realm using the wauth parameter described in [MS-MWBF] section 2.2.3. |
Response: <acceptableAuthenticationMethodStrings> |