Información general sobre los enlaces integrados

  • Artículo

Windows® Identity Foundation (WIF) proporciona los siguientes enlaces integrados para facilitar la comunicación con Servicios de federación de Active Directory® (AD FS) 2.0:

UserNameWSTrustBinding

UserNameWSTrustBinding autentica el cliente con un nombre de usuario y una contraseña. De forma predeterminada, utiliza la seguridad de nivel de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:

// TrustFeb2005UserNameMessage: UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

CertificateWSTrustBinding

CertificateWSTrustBinding autentica el cliente con un certificado. De forma predeterminada, utiliza la seguridad de nivel de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:

// TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

WindowsWSTrustBinding

WindowsWSTrustBinding autentica el cliente mediante el Mecanismo de negociación GSSAPI simple y protegido (SPNego). De forma predeterminada, utiliza la seguridad de nivel de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:

// TrustFeb2005WindowsMessage: WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

KerberosWSTrustBinding

KerberosWSTrustBinding autentica el cliente con Kerberos. De forma predeterminada, utiliza el transporte con la seguridad de credenciales de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:

// TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

IssuedTokenWSTrustBinding

IssuedTokenWSTrustBinding autentica el cliente con un token emitido. El siguiente fragmento de código muestra cómo crear y configurar este enlace:

// Trust13IssuedTokenAsymmetricBasic256: IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

Observe que este enlace no admite los siguientes escenarios:

  • Token del portador con seguridad de nivel de mensaje.

  • Tipo de clave asimétrica con seguridad de nivel de transporte.

  • Token del portador con WS-Trust 2005.

El siguiente ejemplo de código enumera los extremos expuestos por Servicios de federación de Active Directory® (AD FS) 2.0 y muestra cómo configurar el enlace adecuado:

/** WS-Trust 2005 endpoints **/

// TrustFeb2005WindowsMessage: WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005WindowsMixed: WindowsWSTrustBinding windowsTrustFeb2005MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); windowsTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005WindowsTransport: WindowsWSTrustBinding windowsTrustFeb2005TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); windowsTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005CertificateMixed: CertificateWSTrustBinding certificateTrustFeb2005MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); certificateTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005CertificateTransport: CertificateWSTrustBinding certificateTrustFeb2005TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); certificateTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameMessage: UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameMixed: UserNameWSTrustBinding userNameTrustFeb2005MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); userNameTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameBasicTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); userNameTrustFeb2005TransportBasicBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameDigestTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); userNameTrustFeb2005TransportDigestBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

/** WS-Trust 1.3 endpoints **/

// Trust13WindowsMessage: WindowsWSTrustBinding windowsTrust13MessageBinding = new WindowsWSTrustBinding();

// Trust13WindowsMixed: WindowsWSTrustBinding windowsTrust13MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential);

// Trust13WindowsTransport: WindowsWSTrustBinding windowsTrust13TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport);

// Trust13CertificateMessage: CertificateWSTrustBinding certificateTrust13MessageBinding = new CertificateWSTrustBinding();

// Trust13CertificateMixed: CertificateWSTrustBinding certificateTrust13MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential);

// Trust13CertificateTransport: CertificateWSTrustBinding certificateTrust13TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport);

// Trust13UserNameMessage: UserNameWSTrustBinding userNameTrust13MessageBinding = new UserNameWSTrustBinding();

// Trust13UserNameMixed: UserNameWSTrustBinding userNameTrust13MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

// Trust13UserNameBasicTransport: UserNameWSTrustBinding userNameTrust13TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic);

// Trust13UserNameDigestTransport: UserNameWSTrustBinding userNameTrust13TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest);

// Trust13KerberosMixed: KerberosWSTrustBinding kerberosTrust13MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential);

/** WS-Trust 1.3 Issued Token endpoints **/

IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding();

// Trust13IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

// Trust13IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

// Trust13IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;

// Trust13IssuedTokenSymmetricBasic256:


/** WS-Trust 2005 Issued Token endpoints **/

// TrustFeb2005IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005IssuedTokenSymmetricBasic256: issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;