Schéma de configuration de Windows Identity FoundationWindows Identity Foundation Configuration Schema

Les rubriques de cette section fournissent des informations sur le schéma de configuration de Windows Identity Foundation (WIF).The topics in this section provide information about the Windows Identity Foundation (WIF) configuration schema. Vous pouvez également configurer une application pour utiliser WIF à travers des classes exposées par le cadre.You can also configure an application to use WIF through classes exposed by the framework. Ces classes sont indiquées dans les sections qui traitent les éléments correspondants dans le schéma.These classes are noted in the sections that treat relevant elements in the schema. L’exemple suivant montre la structure de la balise XML de base exposée par le schéma de configuration WIF.The following shows the basic XML tag structure exposed by the WIF configuration schema. Les attributs sont omis.Attributes are omitted. Les commentaires surlignés indiquent les principaux composants du schéma.Highlighted comments indicate major components of the schema.

<configuration>  
    <system.identityModel>  
        <!-- Service Configuration -->  
        <identityConfiguration>  
            <caches>  
                <sessionSecurityTokenCache />  
                <tokenReplayCache />  
            </caches>  

            <certificateValidation>  
                <certificateValidator />
            </certificateValidation>  

            <claimsAuthenticationManager />  

            <claimsAuthorizationManager>  
                <optionalConfigurationElement>  
            </claimsAuthorizationManager>  

            <claimTypeRequired>  
                <claimType />
            </claimTypeRequired>  

            <tokenReplayDetection />  

            <!-- Security Token Handler Collection Configuration -->  
            <securityTokenHandlers>  
                <add>  
                    <!-- Can take an optional configuration element which can be one of  
                         the following or a custom element -->  
                    <samlSecurityTokenHandlerRequirement>  
                        <nameClaimType>  
                        <roleClaimType>
                    </samlSecurityTokenHandlerRequirement>  

                    <sessionSecurityTokenHandlerRequirement />  
                    <x509SecurityTokenHandlerRequirement />  
                    <userNameSecurityTokenHandlerRequirement />  
                </add>  
                <clear />  
                <remove />  
                <securityTokenHandlerConfiguration>  
                    <audienceUris>  
                        <add>  
                        <clear>  
                        <remove>  
                    </audienceUris>  

                    <caches>  
                        <sessionSecurityTokenCache />  
                        <tokenReplayCache />  
                    </caches>  

                    <certificateValidation>  
                        <certificateValidator>
                    </certificateValidation>  

                    <issuerNameRegistry>  
                        <!-- Can take an optional configuration element which can be   
                             the <trustedIssuers> element to configure a configuration-based  
                             issuer name registry or can be a custom element -->  
                        <trustedIssuers>  
                            <add>  
                            <clear>  
                            <remove>  
                        </trustedIssuers>  
                    </issuerNameRegistry>  

                    <issuerTokenResolver />  
                    <serviceTokenResolver />  
                    <tokenReplayDetection />  
                </securityTokenHandlerConfiguration>  
            </securityTokenHandlers>  
        </identityConfiguration>  
    </system.identityModel>  

    <system.identityModel.services>  
        <!-- Federation Authentication Configuration -->  
        <federatedAuthentication>  
            <cookieHandler>  
                <chunkedCookieHandler />  
                <customCookieHandler />  
            </cookieHandler>  

            <serviceCertificate>  
                <certificateReference>  
            </serviceCertificate>  

            <wsFederation />  
        </federatedAuthentication>  
    </system.identityModel.services>  
</configuration>  

Dans cette sectionIn This Section

<system.identityModel> Fournit une configuration pour activer les options WIF dans les applications.<system.identityModel> Provides configuration for enabling WIF options in applications.

<system.identityModel.services> Fournit la configuration pour la fédération passive utilisant WIF.<system.identityModel.services> Provides configuration for passive federation using WIF. Configure le module d’authentification de session (SAM) et le module d’authentification fédérée (WSFAM).Configures the Session Authentication Module (SAM) and the Federated Authentication Module (WSFAM).