Información general sobre los enlaces integrados
Windows® Identity Foundation (WIF) proporciona los siguientes enlaces integrados para facilitar la comunicación con Servicios de federación de Active Directory® (AD FS) 2.0:
UserNameWSTrustBinding
UserNameWSTrustBinding autentica el cliente con un nombre de usuario y una contraseña. De forma predeterminada, utiliza la seguridad de nivel de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:
// TrustFeb2005UserNameMessage: UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
CertificateWSTrustBinding
CertificateWSTrustBinding autentica el cliente con un certificado. De forma predeterminada, utiliza la seguridad de nivel de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:
// TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
WindowsWSTrustBinding
WindowsWSTrustBinding autentica el cliente mediante el Mecanismo de negociación GSSAPI simple y protegido (SPNego). De forma predeterminada, utiliza la seguridad de nivel de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:
// TrustFeb2005WindowsMessage: WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
KerberosWSTrustBinding
KerberosWSTrustBinding autentica el cliente con Kerberos. De forma predeterminada, utiliza el transporte con la seguridad de credenciales de mensaje y WS-Trust 1.3. El siguiente fragmento de código muestra cómo crear y configurar este enlace:
// TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
IssuedTokenWSTrustBinding
IssuedTokenWSTrustBinding autentica el cliente con un token emitido. El siguiente fragmento de código muestra cómo crear y configurar este enlace:
// Trust13IssuedTokenAsymmetricBasic256: IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;
Observe que este enlace no admite los siguientes escenarios:
Token del portador con seguridad de nivel de mensaje.
Tipo de clave asimétrica con seguridad de nivel de transporte.
Token del portador con WS-Trust 2005.
El siguiente ejemplo de código enumera los extremos expuestos por Servicios de federación de Active Directory® (AD FS) 2.0 y muestra cómo configurar el enlace adecuado:
/** WS-Trust 2005 endpoints **/
// TrustFeb2005WindowsMessage: WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005WindowsMixed: WindowsWSTrustBinding windowsTrustFeb2005MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); windowsTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005WindowsTransport: WindowsWSTrustBinding windowsTrustFeb2005TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); windowsTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005CertificateMixed: CertificateWSTrustBinding certificateTrustFeb2005MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); certificateTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005CertificateTransport: CertificateWSTrustBinding certificateTrustFeb2005TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); certificateTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005UserNameMessage: UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005UserNameMixed: UserNameWSTrustBinding userNameTrustFeb2005MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); userNameTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005UserNameBasicTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); userNameTrustFeb2005TransportBasicBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005UserNameDigestTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); userNameTrustFeb2005TransportDigestBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
/** WS-Trust 1.3 endpoints **/
// Trust13WindowsMessage: WindowsWSTrustBinding windowsTrust13MessageBinding = new WindowsWSTrustBinding();
// Trust13WindowsMixed: WindowsWSTrustBinding windowsTrust13MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential);
// Trust13WindowsTransport: WindowsWSTrustBinding windowsTrust13TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport);
// Trust13CertificateMessage: CertificateWSTrustBinding certificateTrust13MessageBinding = new CertificateWSTrustBinding();
// Trust13CertificateMixed: CertificateWSTrustBinding certificateTrust13MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential);
// Trust13CertificateTransport: CertificateWSTrustBinding certificateTrust13TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport);
// Trust13UserNameMessage: UserNameWSTrustBinding userNameTrust13MessageBinding = new UserNameWSTrustBinding();
// Trust13UserNameMixed: UserNameWSTrustBinding userNameTrust13MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);
// Trust13UserNameBasicTransport: UserNameWSTrustBinding userNameTrust13TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic);
// Trust13UserNameDigestTransport: UserNameWSTrustBinding userNameTrust13TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest);
// Trust13KerberosMixed: KerberosWSTrustBinding kerberosTrust13MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential);
/** WS-Trust 1.3 Issued Token endpoints **/
IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding();
// Trust13IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;
// Trust13IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;
// Trust13IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;
// Trust13IssuedTokenSymmetricBasic256:
/** WS-Trust 2005 Issued Token endpoints **/
// TrustFeb2005IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;
// TrustFeb2005IssuedTokenSymmetricBasic256: issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;