Hinweis
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, sich anzumelden oder das Verzeichnis zu wechseln.
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, das Verzeichnis zu wechseln.
Configuration section for authentication using the WS-Federation protocol.
<configuration>
<system.identityModel.services>
Syntax
<system.identityModel.services>
<federationConfiguration name=xs:string identityConfigurationName=xs:string>
</federationConfiguration>
</system.identityModel.services>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
None
Child Elements
| Element | Description |
|---|---|
| <federationConfiguration> | Contains the settings that configure the WSFederationAuthenticationModule (WSFAM) and the SessionAuthenticationModule (SAM) HTTP modules. |
Parent Elements
None
Remarks
Add a <system.identityModel.services> section to your application’s configuration file to provide settings for the SAM and WSFAM.
Important
When using the ClaimsPrincipalPermission or the ClaimsPrincipalPermissionAttribute class to provide claims-based access control in your code, the claims authorization manager (ClaimsAuthorizationManager) and policy that is used to make authorization decisions are configured through an <identityConfiguration> element that is implicitly or explicitly referenced from a <federationConfiguration> element in this section. For more information, see the Remarks under the <federationConfiguration> element.
The <system.identityModel.services> section is represented by the SystemIdentityModelServicesSection class. The collection of child <federationConfiguration> elements configured in the section is represented by the FederationConfigurationElementCollection class.
Example
The following XML shows how to add a <system.identityModel.services> section to a configuration file. You must first add section declarations for both the <system.identityModel.services> section and the <system.identityModel> sections. (When you add a <system.identityModel.services> section, you should also add a declaration for the <system.identityModel> section to ensure that a default <identityConfiguration> section can be created by the runtime if necessary.) After the section declarations have been added, you can configure federated authentication settings under the <system.identityModel.services> element.
<configuration>
<configSections>
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<!-- Additional elements (not shown) -->
<system.identityModel.services>
<federationConfiguration>
<wsFederation passiveRedirectEnabled="true"
issuer="http://localhost:15839/wsFederationSTS/Issue"
realm="http://localhost:50969/" reply="http://localhost:50969/"
requireHttps="false"
signOutReply="http://localhost:50969/SignedOutPage.html"
signOutQueryString="Param1=value2&Param2=value2"
persistentCookiesOnPassiveRedirects="true" />
<cookieHandler requireSsl="false" />
</federationConfiguration>
</system.identityModel.services>
</configuration>