Security Credentials
Security credentials are a piece of evidence that a communicating party possesses that can be used to create or obtain a security token. Thus, credentials are typically longer-lived than security tokens, and a security token can be viewed as the runtime manifestation of the security credentials. Example of credentials include a machine certificate (which can be converted into an X.509 security token at runtime) or a username/password pair for a domain (which can be used to obtain a Kerberos security token).
Credentials are specified as part of the security bindings.
The following API elements are used with security credentials.
| Callback | Description |
|---|---|
| WS_GET_CERT_CALLBACK | Provides a certificate to the security runtime. |
| WS_VALIDATE_PASSWORD_CALLBACK | Validates a username/password pair on the receiver side. |
| Enumeration | Description |
|---|---|
| WS_CERT_CREDENTIAL_TYPE | The type of the certificate credential. |
| WS_USERNAME_CREDENTIAL_TYPE | The type of the username/password credential. |
| WS_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE | The type of the Windows Integrated Authentication credential. |
| Structure | Description |
|---|---|
| WS_CERT_CREDENTIAL | The abstract base type for all certificate credential types. |
| WS_CUSTOM_CERT_CREDENTIAL | The type for specifying a certificate credential that is to be supplied by a callback to the application. |
| WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL | Type for supplying a Windows Integrated Authentication credential based on the current thread token. |
| WS_OPAQUE_WINDOWS_INTEGRATED_AUTH_CREDENTIAL | Type for supplying a Windows Integrated Authentication credential. |
| WS_STRING_USERNAME_CREDENTIAL | The type for supplying a username/password pair as strings. |
| WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL | Type for supplying a Windows credential as username, password, domain strings. |
| WS_SUBJECT_NAME_CERT_CREDENTIAL | The type for specifying a certificate credential using the certificate's subject name, store location and store name. |
| WS_THUMBPRINT_CERT_CREDENTIAL | The type for specifying a certificate credential using the certificate's thumbprint, store location and store name. |
| WS_USERNAME_CREDENTIAL | The abstract base type for all username/password credentials. |
| WS_WINDOWS_INTEGRATED_AUTH_CREDENTIAL | The abstract base type for all credential types used with Windows Integrated Authentication. |