<add> of <allowedAudienceUris>
Adds a target Uri for which the SamlSecurityToken security token can be targeted for in order to be considered valid by a SamlSecurityTokenAuthenticator instance.
Schema Hierarchy
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior> of <serviceBehaviors>
<serviceCredentials>
<issuedTokenAuthentication> of <serviceCredentials>
<allowedAudienceUris>
<add> of <allowedAudienceUris>
Syntax
<allowedAudienceUris>
<add allowedAudienceUri="String"/>
</allowedAudienceUris>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
allowedAudienceUri |
A string that contains a target Uri for which the SamlSecurityToken security token can be targeted for in order to be considered valid by a SamlSecurityTokenAuthenticator instance. |
Child Elements
None.
Parent Elements
Element | Description |
---|---|
Represents a collection of target URIs for which the SamlSecurityToken security token can be targeted for in order to be considered valid by a SamlSecurityTokenAuthenticator instance. |
Remarks
You should use this collection in a federated application that utilizes a security token service (STS) that issues SamlSecurityToken security tokens. When the STS issues the security token, it can specify the URI of the Web services for which the security token is intended by adding a SamlAudienceRestrictionCondition to the security token. That allows the SamlSecurityTokenAuthenticator for the recipient Web service to verify that the issued security token is intended for this Web service by specifying that this check should happen by doing the following:
Set the audienceUriMode attribute of <issuedTokenAuthentication> to Always or BearerKeyOnly.
Specify the set of valid URIs, by adding the URIs to this collection.
For more information, see SamlSecurityTokenAuthenticator.
For more information on using this configuration element, see How To: Configure Credentials on a Federation Service.
See Also
Reference
<allowedAudienceUris>
<issuedTokenAuthentication> of <serviceCredentials>
SamlSecurityTokenAuthenticator
AllowedAudienceUris
AudienceUriMode
AllowedAudienceUris
AllowedAudienceUriElementCollection
AllowedAudienceUriElement
AllowedAudienceUris
Other Resources
Security Behaviors in Windows Communication Foundation
Securing Services and Clients
How To: Configure Credentials on a Federation Service
© 2007 Microsoft Corporation. All rights reserved.
Last Published: 2010-01-05