Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This post is based on WIF Built-in Bindings Overview and AD FS Endpoints. This information should provide a more cohesive view for developers when developing claims aware WCF services using AD FS and WIF.
There are 30 scenarios here. Working on guidance when to use what.
WS-Trust 1.3 endpoints
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/windows | Trust13WindowsMessage |
| WindowsWSTrustBinding windowsTrust13MessageBinding = new WindowsWSTrustBinding(); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/windowsmixed | Trust13WindowsMixed |
| WindowsWSTrustBinding windowsTrust13MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/windowstransport | Trust13WindowsTransport |
| WindowsWSTrustBinding windowsTrust13TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/certificate | Trust13CertificateMessage |
| CertificateWSTrustBinding certificateTrust13MessageBinding = new CertificateWSTrustBinding(); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/certificatemixed | Trust13CertificateMixed |
| CertificateWSTrustBinding certificateTrust13MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/certificatetransport | Trust13CertificateTransport |
| CertificateWSTrustBinding certificateTrust13TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/username | Trust13UserNameMessage |
| UserNameWSTrustBinding userNameTrust13MessageBinding = new UserNameWSTrustBinding(); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/usernamemixed | Trust13UserNameMixed |
| UserNameWSTrustBinding userNameTrust13MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/usernamebasictransport | Trust13UserNameBasicTransport |
| UserNameWSTrustBinding userNameTrust13TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); | |
| AD FS Endpoint | WCF Binding |
| N/A | Trust13UserNameDigestTransport |
| UserNameWSTrustBinding userNameTrust13TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/kerberosmixed | Trust13KerberosMixed |
| KerberosWSTrustBinding kerberosTrust13MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); | |
WS-Trust 1.3 Issued Token endpoints
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/issuedtokenasymmetricbasic256 | Trust13IssuedTokenAsymmetricBasic256 |
| IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/issuedtokenmixedasymmetricbasic256 | Trust13IssuedTokenMixedAsymmetricBasic256 |
| IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/issuedtokenmixedsymmetricbasic256 | Trust13IssuedTokenMixedSymmetricBasic256 |
| IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/13/issuedtokensymmetricbasic256 | Trust13IssuedTokenSymmetricBasic256 |
WS-Trust 2005 endpoints
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/windows | TrustFeb2005WindowsMessage |
| WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/windowsmixed | TrustFeb2005WindowsMixed |
| WindowsWSTrustBinding windowsTrustFeb2005MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); windowsTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/windowstransport | TrustFeb2005WindowsTransport |
| WindowsWSTrustBinding windowsTrustFeb2005TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); windowsTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/certificate | TrustFeb2005CertificateMessage |
| CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/certificatemixed | TrustFeb2005CertificateMixed |
| CertificateWSTrustBinding certificateTrustFeb2005MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); certificateTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/certificatetransport | TrustFeb2005CertificateTransport |
| CertificateWSTrustBinding certificateTrustFeb2005TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); certificateTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/username | TrustFeb2005UserNameMessage |
| UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/usernamemixed | TrustFeb2005UserNameMixed |
| UserNameWSTrustBinding userNameTrustFeb2005MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); userNameTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/usernamebasictransport | TrustFeb2005UserNameBasicTransport |
| UserNameWSTrustBinding userNameTrustFeb2005TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); userNameTrustFeb2005TransportBasicBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| TrustFeb2005UserNameDigestTransport | |
| UserNameWSTrustBinding userNameTrustFeb2005TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); userNameTrustFeb2005TransportDigestBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/kerberosmixed | TrustFeb2005KerberosMixed |
| KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
WS-Trust 2005 Issued Token endpoints
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/issuedtokenasymmetricbasic256 | TrustFeb2005IssuedTokenAsymmetricBasic256 |
| issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256 | TrustFeb2005IssuedTokenMixedAsymmetricBasic256 |
| issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256 | TrustFeb2005IssuedTokenMixedSymmetricBasic256 |
| issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |
| AD FS Endpoint | WCF Binding |
| /adfs/services/trust/2005/issuedtokensymmetricbasic256 | TrustFeb2005IssuedTokenSymmetricBasic256 |
| issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005; | |