Compartilhar via


<message> element of <ws2007FederationHttpBinding>

Defines settings for the message-level security for the <ws2007FederationHttpBinding> element.

Schema Hierarchy

<system.serviceModel>
  <bindings>
    <ws2007FederationHttpBinding>
      <binding>
        <security> element of <ws2007FederationHttpBinding>
          <message> element of <ws2007FederationHttpBinding>

Syntax

<ws2007FederationBinding>
   <binding >
      <security>
         <message 
            algorithmSuite="Basic128/Basic192/Basic256/Basic128Rsa15/Basic256Rsa15/TripleDes/TripleDesRsa15/Basic128Sha256/Basic192Sha256/TripleDesSha256/Basic128Sha256Rsa15/Basic192Sha256Rsa15/Basic256Sha256Rsa15/TripleDesSha256Rsa15"
            issuedTokenType="string" 
            issuedKeyType="SymmetricKey/PublicKey"
            negotiateServiceCredential="Boolean" >
            <claimTypeRequirements>
               <add claimType="URI"
                    isOptional="Boolean" />
            </claimTypeRequirements>
            <issuer address="Uri" >
               <headers>
                  <add name="String"
                       namespace="String" />
               </headers>
               <identity>
                  <certificate encodedValue="String"/>
                  <certificateReference findValue="String" 
                     isChainIncluded="Boolean"
                     storeName="AddressBook/AuthRoot/CertificateAuthority/Disallowed/My/Root/TrustedPeople/TrustedPublisher"
                     storeLocation="LocalMachine/CurrentUser"
                     x509FindType=System.Security.Cryptography.X509certificates.X509findtype/>
                  <dns value="String"/>
                  <rsa value="String"/>
                  <servicePrincipalName value="String"/>
                  <usePrincipalName value="String"/>
               </identity>
            </issuer>
            <issuerMetadata address=String" >
               <headers>
                  <add name="String"
                       namespace="String" />
               </headers>
               <identity>
                  <certificate encodedValue="String"/>
                  <certificateReference findValue="String" 
                     isChainIncluded="Boolean"
                     storeName="AddressBook/AuthRoot/CertificateAuthority/Disallowed/My/Root/TrustedPeople/TrustedPublisher"
                     storeLocation="LocalMachine/CurrentUser"
                     X509FindType=System.Security.Cryptography.X509certificates.X509findtype/>
                  <dns value="String"/>
                  <rsa value="String"/>
                  <servicePrincipalName value="String"/>
                  <usePrincipalName value="String"/>
               </identity>
            </issuerMetadata>
            <tokenRequestParameters>
               <xmlElement>
               </xmlElement>
            </tokenRequestParameters>
         </message>
      </security>
   </binding>
</ws2007FederationBinding>

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

Attribute Description

algorithmSuite

Optional. Sets the message encryption, signature, and key-wrap algorithms. The algorithms and the key sizes are determined by the SecurityAlgorithmSuite class. These algorithms map to those specified in the Security Policy Language (WS-SecurityPolicy) specification.

See the following table for possible values. The default value is Basic256.

issuedKeyType

Specifies the type of key to be issued. Valid values include the following:

  • SymmetricKey

  • PublicKey

  • BearerKey

The default is SymmetricKey. This attribute is of type SecurityKeyType.

issuedTokenType

A URI that specifies the type of token to be issued. The default is null.

negotiateServiceCredential

A value that specifies whether the service credential should be exchanged as part of negotiation or is available out of band. The default is true, which means that the service credential is negotiated.

Child Elements

Element Description

<claimTypeRequirements> element

Specifies a collection of claim types for this binding. Each element is of type ClaimTypeElement.

<issuer>

Specifies an endpoint that issues a security token. This element is of type IssuedTokenParametersEndpointAddressElement.

<issuerMetadata>

Specifies the endpoint address of the issuer.

<tokenRequestParameters>

A collection of token request parameters. Each parameter is an XML element.

Parent Elements

Element Description

<security> element of <ws2007FederationHttpBinding>

Defines the security settings for a binding.

See Also

Reference

FederatedMessageSecurityOverHttp
Message
Message
FederatedMessageSecurityElement

Concepts

<binding>

Other Resources

Securing Services and Clients
Windows Communication Foundation Bindings
Configuring System-Provided Bindings
Using Bindings to Configure Services and Clients


© 2007 Microsoft Corporation. All rights reserved.
Last Published: 2010-01-05