Esquema de configuração do Windows Identity FoundationWindows Identity Foundation Configuration Schema

Os tópicos nesta seção fornecem informações sobre o esquema de configuração do WIF (Windows Identity Foundation).The topics in this section provide information about the Windows Identity Foundation (WIF) configuration schema. Você também pode configurar um aplicativo para usar o WIF por meio de classes expostas pela estrutura.You can also configure an application to use WIF through classes exposed by the framework. Essas classes são indicadas nas seções que tratam os elementos relevantes no esquema.These classes are noted in the sections that treat relevant elements in the schema. A seguir é mostrada a estrutura de marca XML básica exposta pelo esquema de configuração do WIF.The following shows the basic XML tag structure exposed by the WIF configuration schema. Os atributos são omitidos.Attributes are omitted. Os comentários realçados indicam os componentes principais do esquema.Highlighted comments indicate major components of the schema.

<configuration>  
    <system.identityModel>  
        <!-- Service Configuration -->  
        <identityConfiguration>  
            <caches>  
                <sessionSecurityTokenCache />  
                <tokenReplayCache />  
            </caches>  
      
            <certificateValidation>  
                <certificateValidator />   
            </certificateValidation>  
      
            <claimsAuthenticationManager />  
      
            <claimsAuthorizationManager>  
                <optionalConfigurationElement>  
            </claimsAuthorizationManager>  
      
            <claimTypeRequired>  
                <claimType />   
            </claimTypeRequired>  
      
            <tokenReplayDetection />  
      
            <!-- Security Token Handler Collection Configuration -->  
            <securityTokenHandlers>  
                <add>  
                    <!-- Can take an optional configuration element which can be one of  
                         the following or a custom element -->  
                    <samlSecurityTokenHandlerRequirement>  
                        <nameClaimType>  
                        <roleClaimType>   
                    </samlSecurityTokenHandlerRequirement>  
      
                    <sessionSecurityTokenHandlerRequirement />  
                    <x509SecurityTokenHandlerRequirement />  
                    <userNameSecurityTokenHandlerRequirement />  
                </add>  
                <clear />  
                <remove />  
                <securityTokenHandlerConfiguration>  
                    <audienceUris>  
                        <add>  
                        <clear>  
                        <remove>  
                    </audienceUris>  
      
                    <caches>  
                        <sessionSecurityTokenCache />  
                        <tokenReplayCache />  
                    </caches>  
      
                    <certificateValidation>  
                        <certificateValidator>   
                    </certificateValidation>  
      
                    <issuerNameRegistry>  
                        <!-- Can take an optional configuration element which can be   
                             the <trustedIssuers> element to configure a configuration-based  
                             issuer name registry or can be a custom element -->  
                        <trustedIssuers>  
                            <add>  
                            <clear>  
                            <remove>  
                        </trustedIssuers>  
                    </issuerNameRegistry>  
      
                    <issuerTokenResolver />  
                    <serviceTokenResolver />  
                    <tokenReplayDetection />  
                </securityTokenHandlerConfiguration>  
            </securityTokenHandlers>  
        </identityConfiguration>  
    </system.identityModel>  
      
    <system.identityModel.services>  
        <!-- Federation Authentication Configuration -->  
        <federatedAuthentication>  
            <cookieHandler>  
                <chunkedCookieHandler />  
                <customCookieHandler />  
            </cookieHandler>  
      
            <serviceCertificate>  
                <certificateReference>  
            </serviceCertificate>  
      
            <wsFederation />  
        </federatedAuthentication>  
    </system.identityModel.services>  
</configuration>  

Nesta seçãoIn This Section

<system.identityModel> Fornece configuração para habilitar as opções do WIF nos aplicativos.<system.identityModel> Provides configuration for enabling WIF options in applications.

<system.identityModel.services> Fornece a configuração para federação passiva usando o WIF.<system.identityModel.services> Provides configuration for passive federation using WIF. Configura o SAM (Módulo de Autenticação de Sessão) e o WSFAM (Módulo de Autenticação Federada).Configures the Session Authentication Module (SAM) and the Federated Authentication Module (WSFAM).