Общие сведения о встроенных привязках

Ниже перечислены встроенные в Windows® Identity Foundation (WIF) привязки, упрощающие взаимодействие с Службы федерации Active Directory® (AD FS) 2.0.

UserNameWSTrustBinding

UserNameWSTrustBinding выполняет проверку подлинности клиента с помощью имени пользователя и пароля. По умолчанию используется безопасность на уровне сообщений и протокол WS-Trust 1.3. В приведенном ниже фрагменте кода показано, как создать и настроить эту привязку.

	Копировать код
// TrustFeb2005UserNameMessage: UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

CertificateWSTrustBinding

CertificateWSTrustBinding выполняет проверку подлинности клиента с помощью сертификата. По умолчанию используется безопасность на уровне сообщений и протокол WS-Trust 1.3. В приведенном ниже фрагменте кода показано, как создать и настроить эту привязку.

	Копировать код
// TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

Копировать код

// TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

WindowsWSTrustBinding

WindowsWSTrustBinding выполняет проверку подлинности клиента с помощью механизма SPNego. По умолчанию используется безопасность на уровне сообщений и протокол WS-Trust 1.3. В приведенном ниже фрагменте кода показано, как создать и настроить эту привязку.

	Копировать код
// TrustFeb2005WindowsMessage: WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

KerberosWSTrustBinding

KerberosWSTrustBinding выполняет проверку подлинности клиента с помощью Kerberos. По умолчанию используется транспорт с безопасностью учетных данных сообщения и протокол WS-Trust 1.3. В приведенном ниже фрагменте кода показано, как создать и настроить эту привязку.

	Копировать код
// TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

Копировать код

// TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

IssuedTokenWSTrustBinding

IssuedTokenWSTrustBinding выполняет проверку подлинности клиента с помощью выпущенного маркера. В приведенном ниже фрагменте кода показано, как создать и настроить эту привязку.

	Копировать код
// Trust13IssuedTokenAsymmetricBasic256: IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

Обратите внимание, что эта привязка не поддерживает указанные ниже сценарии.

Маркер предъявителя с безопасностью на уровне сообщений.
Асимметричный ключ с безопасностью на уровне транспорта.
Маркер предъявителя с использование протокола WS-Trust 2005.

В приведенном ниже фрагменте кода перечислены конечные точки, предоставляемые Службы федерации Active Directory® (AD FS) 2.0, и показано, как настроить соответствующую привязку.

	Копировать код
/ Конечные точки WS-Trust 2005 / // TrustFeb2005WindowsMessage: WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005WindowsMixed: WindowsWSTrustBinding windowsTrustFeb2005MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); windowsTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005WindowsTransport: WindowsWSTrustBinding windowsTrustFeb2005TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); windowsTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005CertificateMixed: CertificateWSTrustBinding certificateTrustFeb2005MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); certificateTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005CertificateTransport: CertificateWSTrustBinding certificateTrustFeb2005TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); certificateTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005UserNameMessage: UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005UserNameMixed: UserNameWSTrustBinding userNameTrustFeb2005MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); userNameTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005UserNameBasicTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); userNameTrustFeb2005TransportBasicBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005UserNameDigestTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); userNameTrustFeb2005TransportDigestBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; / Конечные точки WS-Trust 1.3 / // Trust13WindowsMessage: WindowsWSTrustBinding windowsTrust13MessageBinding = new WindowsWSTrustBinding(); // Trust13WindowsMixed: WindowsWSTrustBinding windowsTrust13MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); // Trust13WindowsTransport: WindowsWSTrustBinding windowsTrust13TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); // Trust13CertificateMessage: CertificateWSTrustBinding certificateTrust13MessageBinding = new CertificateWSTrustBinding(); // Trust13CertificateMixed: CertificateWSTrustBinding certificateTrust13MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); // Trust13CertificateTransport: CertificateWSTrustBinding certificateTrust13TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); // Trust13UserNameMessage: UserNameWSTrustBinding userNameTrust13MessageBinding = new UserNameWSTrustBinding(); // Trust13UserNameMixed: UserNameWSTrustBinding userNameTrust13MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); // Trust13UserNameBasicTransport: UserNameWSTrustBinding userNameTrust13TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); // Trust13UserNameDigestTransport: UserNameWSTrustBinding userNameTrust13TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); // Trust13KerberosMixed: KerberosWSTrustBinding kerberosTrust13MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); / Конечные точки выпущенного маркера WS-Trust 1.3 / IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); // Trust13IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; // Trust13IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; // Trust13IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; // Trust13IssuedTokenSymmetricBasic256: / Конечные точки выпущенного маркера WS-Trust 2005 / // TrustFeb2005IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005; // TrustFeb2005IssuedTokenSymmetricBasic256: issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

Копировать код

/** Конечные точки WS-Trust 2005 **/

// TrustFeb2005WindowsMessage: WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005WindowsMixed: WindowsWSTrustBinding windowsTrustFeb2005MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); windowsTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005WindowsTransport: WindowsWSTrustBinding windowsTrustFeb2005TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); windowsTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005CertificateMessage: CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005CertificateMixed: CertificateWSTrustBinding certificateTrustFeb2005MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); certificateTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005CertificateTransport: CertificateWSTrustBinding certificateTrustFeb2005TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); certificateTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameMessage: UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameMixed: UserNameWSTrustBinding userNameTrustFeb2005MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); userNameTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameBasicTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); userNameTrustFeb2005TransportBasicBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005UserNameDigestTransport: UserNameWSTrustBinding userNameTrustFeb2005TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); userNameTrustFeb2005TransportDigestBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005KerberosMixed: KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

/** Конечные точки WS-Trust 1.3 **/

// Trust13WindowsMessage: WindowsWSTrustBinding windowsTrust13MessageBinding = new WindowsWSTrustBinding();

// Trust13WindowsMixed: WindowsWSTrustBinding windowsTrust13MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential);

// Trust13WindowsTransport: WindowsWSTrustBinding windowsTrust13TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport);

// Trust13CertificateMessage: CertificateWSTrustBinding certificateTrust13MessageBinding = new CertificateWSTrustBinding();

// Trust13CertificateMixed: CertificateWSTrustBinding certificateTrust13MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential);

// Trust13CertificateTransport: CertificateWSTrustBinding certificateTrust13TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport);

// Trust13UserNameMessage: UserNameWSTrustBinding userNameTrust13MessageBinding = new UserNameWSTrustBinding();

// Trust13UserNameMixed: UserNameWSTrustBinding userNameTrust13MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

// Trust13UserNameBasicTransport: UserNameWSTrustBinding userNameTrust13TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic);

// Trust13UserNameDigestTransport: UserNameWSTrustBinding userNameTrust13TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest);

// Trust13KerberosMixed: KerberosWSTrustBinding kerberosTrust13MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential);

/** Конечные точки выпущенного маркера WS-Trust 1.3 **/

IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding();

// Trust13IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

// Trust13IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

// Trust13IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;

// Trust13IssuedTokenSymmetricBasic256:


/** Конечные точки выпущенного маркера WS-Trust 2005 **/

// TrustFeb2005IssuedTokenAsymmetricBasic256: issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005IssuedTokenMixedAsymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005IssuedTokenMixedSymmetricBasic256: issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

// TrustFeb2005IssuedTokenSymmetricBasic256: issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;