Export (0) Print
Expand All
Expand Minimize
5 out of 7 rated this helpful - Rate this topic

System.Web.Security.SingleSignOn Namespace

 ClassDescription
Public classAccountStoreRepresents a service that defines identities and attributes for controlling user access to Web site resources, such as Active Directory Domain Services.
Public classAccountStoreCollectionDefines methods and properties for a collection of AccountStore objects.
Public classActiveDirectoryAccountStoreAn Active Directory account store.
Public classActiveDirectoryGroupClaimA type of GroupClaim that has an active directory group object associated with it. If the organizational claims in the token contain an ActiveDirectoryGroupClaim object, that security principal is considered a member of the Active Directory group object associated with it.
Public classADGroupGenerationConfigures an ActiveDirectoryAccountStore so that the Federation Server generates group claims at run-time for authenticated users. Claims configurations are based on specified attributes, such as the common name (CN) attribute, e-mail addresses, UPNs, group SIDs or custom attributes, such as titles.
Public classADGroupGenerationCollectionA collection of ADGroupGeneration objects.
Public classBoundedSizeLogFileTraceListenerDirects tracing or debugging output to a Writer.
Public classCertificateChainContextA managed wrapper for the native CERT_CHAIN_CONTEXT structure. For more information about the CERT_CHAIN_CONTEXT structure, see "CERT_CHAIN_CONTEXT" in security section of the MSDN library.
Public classCertificateContextA managed wrapper for the native CERT_CONTEXT structure. For more information about the CERT_CONTEXT structure, see "CERT_CONTEXT" in security section of the MSDN lib.
Public classCertificateExceptionThe exception thrown when a certificate error occurs.
Public classCertificateHasNoPrivateKeyExceptionConfigured signing certificates should contain private keys that are used to sign data. This exception is thrown if the certificate configured as a signing certificate does not have its private key.
Public classCertificateNotFoundExceptionThe exception thrown when a certificate is not found.
Public classCertInfoThe CertInfo object supports the AD FS infrastructure and is not intended to be used directly from your code. Used by the X509VerificationMethod to identify a particular certificate in the FederationCertificates certificate store of the TrustPolicy.
Public classCertInfoCollectionA collection of CertInfo objects.
Public classClaimFactoryCreates different types of claim, claim generation, and claim transformation objects.
Public classClaimFilteringTransformA transform for claim filtering on the trusting realm. The claim filtering will apply to the TrustingRealmClaimTransformation object. The application applies the filters while it is processing corporate claims and outgoing claims on the resource side of the Federation Server. The ClaimFilteringTransform object specifies how incoming claims will be filtered for a TrustingRealm or a TrustingApplication object.
Public classClaimsMappingExceptionThe exception that is thrown if the Federation Service encountered an exception during claims mapping.
Public classClientCredentialInfoContains information about client credentials, such as the authentication method that the client uses, information about the certificate, the client name and password, the account store URI, and so on.
Public classCommonNameClaimTransformA transform to use for common name (CN) claims.
Public classCorporateClaimsA collection of group claims and custom claims that have relevance in a particular organization.
Public classCorporateClaimUuidCollectionA collection of universal unique identifiers (UUIDs) for corporate claims.
Public classCredentialsVerificationExceptionThe exception that is thrown when credentials verification fails.
Public classCredentialsVerificationInfoContains the detailed results of credentials verification. Details include information about the Account Store that verified or failed to verify the credentials, resulting success or failure codes, and other information that could be useful for a detailed audit.
Public classCustomClaimA custom claim on a trusting or trusted realm.
Public classCustomClaimCollectionA collection of CustomClaim objects.
Public classCustomClaimLdapAttributeA class that defines a method for mapping LDAP attributes to CustomClaims.
Public classCustomClaimLdapAttributeCollectionA collection of CustomClaimLdapAttribute objects.
Public classCustomClaimTransformA transform for a custom claim.
Public classCustomClaimTransformCollectionA collection of CustomClaimTransform objects.
Public classCustomModuleProvides a reference to a user provided extensibility class. Custom modules implement interfaces defined in WebSSO.
Public classCustomTransformThe transform to use for the CustomModule. Provides a reference to a user provided extensibility class which implements the IClaimTransform interface.
Public classDebugLogSwitchThis class supports the AD FS infrastructure and is not intended to be used directly from your code. An abstract base class for debug tracing.
Public classFederationCertificatesAD FS token verification certificates in the Federation Service Certificate Store.
Public classFederationServerConfigurationThis class supports the AD FS infrastructure and is not intended to be used directly from your code. Encapsulates the configuration parameters of the federation server from web.config.
Public classFederationServerConfigurationHandlerThis class supports the AD FS infrastructure and is not intended to be used directly from your code. Invoked by ASP.NET to load configuration changes made to the web.config.
Public classFederationServerServiceThis class supports the AD FS infrastructure and is not intended to be used directly from your code. Represents a Federation Server Web service.
Public classFederationServerSoapProxyThis class supports the AD FS infrastructure and is not meant to be used directly from your code. The AD FS Web Agent and the Federation Service Proxy use this class to communicate with the Federation Server.
Public classFsInformationDataThis class supports the AD FS infrastructure and is not meant to be used directly from your code. This class encapsulates the FS trust information that is retrieved by the WS by means of the GetFsTrustInformation web method call.
Public classGroupClaimA group claim for the trusting or trusted realm.
Public classGroupClaimCollectionA collection of GroupClaim objects.
Public classGroupClaimTransformA transform for a GroupClaim object.
Public classGroupClaimTransformCollectionA collection of GroupClaimTransform objects.
Public classGroupLdapAttributeSpecifies how to populate a GroupClaim based on the value of an LDAP user attribute, when added to a GroupLdapAttributeCollection as part of an LdapClaimGeneration object for an AccountStore. At authentication time, the LDAP attribute specified in the GroupAttribute property will be queried, and if any of its values match the value specified in GroupAttributeValue it will cause the group claim, identified by CorporateGroupUuid, to be added to the user claims. If using an active scripting language like VBScript, the recommended method for constructing a GroupLdapAttribute object is CreateGroupLdapAttribute.
Public classGroupLdapAttributeCollectionA collection of GroupLdapAttribute objects.
Public classGroupToUpnClaimTransformTransforms a GroupClaim to a UpnClaim.
Public classGroupToUpnClaimTransformCollectionAn ordered list of GroupToUpnClaimTransform objects.
Public classKerberosSigningMethodDefines a way for the Federation Service to digitally sign an AD FS token for an application (represented in the trust policy by a TrustingApplication object). Such tokens are signed using symmetric keys which are securely shared using the Kerberos security protocol of a Windows forest. A KerberosSigningMethod defined for a particular application overrides the global default X509SigningMethod defined in a Federation Service’s web.config file. Because the KerberosSigningMethod utilizes a cached symmetric session key, it may provide performance benefits over the default asymmetric-key-based signing method.
Public classKerberosVerificationMethodThis class supports the AD FS infrastructure and is not intended to be used directly from your code. The KerberosVerificationMethod class is used by the AD FS web agents to verify AD FS tokens with Kerberos-based digital signatures.
Public classLdapClaimGenerationDefines a way of populating claims for an LDAP-based account store (represented by an LdapDirectoryAccountStore object in the trust policy). Attributes on user objects can be mapped into email, UPN, common name, group, or custom claims. The UPNAttribute property must be null when the LdapClaimGeneration applies to Active Directory.
Public classLdapDirectoryAccountStoreSpecifies properties about connecting to, authenticating users against, and generating claims from an LDAP-based account store. As a top level member of the TrustPolicy’s TrustedAccountStores collection, it represents an ADAM account store. As a property of an ActiveDirectoryAccountStore object it specifies LDAP-related configuration for Active Directory.
Public classLogonServerConfigurationHandlerReads configuration data for the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.
Public classLSAuthenticationModuleImplements the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.
Public classLSAuthenticationObjectAllows web forms (like clientlogon.aspx) to interact with the Federation Service or Federation Service Proxy on which they are running.
Public classLSCleanupFormContextProvides the information necessary for a Web form to perform state cleanup.
Public classLSCredentialFormContextProvides the information needed for a Web form to collect credentials.
Public classLSDiscoveryFormContextProvides the information necessary for a Web form to discover the client home realm.
Public classLSFormContextEnables the logon server to communicate to ASP.NET Web forms that it invokes. This object may be cast to a more specific context type based on the value in the CurrentAction property.
Public classLSPolicyFormContextProvides the information needed for the PolicyEnforcement action.
Public classMetabaseHelperThis class supports the AD FS infrastructure and is not intended to be used directly from your code. The MetabaseHelper class exposes configuration functionality through COM to the AD FS Web Agent for Windows NT Token management UI.

This class is not CLS-compliant.

Public classNamespacesThis class supports the AD FS infrastructure and is not intended to be used directly from your code. The Namespaces class is used to override the default WS* and claims namespaces used by AD FS when generating WS-Federation Passive Requestor Interoperability Profile messages and SAML tokens.
Public classNameSuffixTransformConfigured as part of a TrustingRealmClaimTransformation object to specify how to transform email or UPN suffixes for consumption by a resource partner.
Public classNameSuffixValidationTransformConfigured as part of a TrustedRealmClaimTransformation object to indicate the e-mail or UPN namespaces for which an account partner is trusted to issue tokens. The NameSuffixValidationTransform class is part of the Federation Service’s trust policy configuration.
Public classNoAcceptableCredentialExceptionThe exception that is thrown when no acceptable credential is provided.
Public classProxyConfigurationInformationSpecifies the configuration information that the Federation Server and any Federation Server proxies use to write cookies. The ProxyConfigurationInformation class is part of the Federation Service’s trust policy configuration.
Public classProxyInformationThis class supports the AD FS infrastructure and is not intended to be used directly from your code. A ProxyInformation object is retrieved by a Federation Service proxy by calling GetFsTrustInformation, and contains configuration information necessary for the proxy to function.
Public classRSTRResultThis class supports the AD FS infrastructure and is not intended for public use. An RSTRResult object is used by the Federation Service to return the result of the LsRequestSecurityToken and LsRequestSecurityTokenWithCookie methods.
Public classSigningMethodThis class supports the AD FS infrastructure and is not intended to be used directly from your code. Its derived classes are part of the Federation Service’s trust policy configuration. However, user code should not derive from this class.
Public classSingleSignOnIdentityUsed by the ASP.Net web application to get direct claim information about the authenticated client. The web application can also control the occurrences of redirects to the logon server.
Public classSingleSignOnMembershipProviderThe SingleSignOnMembershipProvider class is intended for use by the Windows Sharepoint Services (WSS) version 3 scenario.
Public classSingleSignOnRoleProviderThe SingleSignOnRoleProvider class is intended to be used for the Windows SharePoint Services version 3 scenario.
Public classTrustConfigurationDataThe TrustConfigurationData class supports the AD FS infrastructure and is not intended to be used directly from your code.
Public classTrustedRealmThe trusted realm which represents a trusted account partner.
Public classTrustedRealmClaimTransformationDefines the claim transformations used in the trust policy. These objects will be used for incoming corporate claim transformations from the TrustedRealm (account partner) this transformation is defined on.
Public classTrustedRealmCollectionA collection of TrustedRealm objects.
Public classTrustedWindowsDomainsRepresents Windows domains that are allowed from this account partner, assuming this realm is a Windows realm. For example, this partner is in a forest which is trusted by the forest to which this Federation Server is joined.
Public classTrustingApplicationGets or sets a TrustingRealmClaimTransformation to use for transforming claims for this trusting application.
Public classTrustingApplicationCollectionA collection of TrustingApplication objects.
Public classTrustingRealmThe trusting realm represents a trusting resource partner.
Public classTrustingRealmClaimTransformationDefines the claim transformations used in the trust policy. The TrustingRealmClaimTransformation objects will be used for outgoing corporate claim transformations to the TrustingRealm (resource partner) that this transformation is defined on.
Public classTrustingRealmCollectionA collection of TrustingRealm objects.
Public classTrustPolicyAdministers the trust policy.
Public classTrustPolicyEntryThis class supports the AD FS infrastructure and is not meant to be used directly from your code. Represents an entry in a TrustPolicy object.
Public classTrustPolicyEntryBaseThis class supports the AD FS infrastructure and is not meant to be used directly from your code. The base entry for a trust policy.
Public classTrustPolicyEntryCollectionA collection of TrustPolicyEntry objects.
Public classTrustPolicyFactoryCreates trust policies. If you are using an active scripting language like VBScript, this is the recommended class for constructing or loading a TrustPolicy object.
Public classTrustPolicyStringCollectionThis class supports the AD FS infrastructure and is not meant to be used directly from your code. A collection of strings used for a trust policy.
Public classTrustRealmThe trust realm. This serves as the base class for trust entities like realms and applications in the Trust policy.
Public classUpnClaimRepresents a claim that has a user principal name (UPN) in a Kerberos format. For example, user@contoso.com.
Public classUserValidationInfoDefines information returned by an account store after validating user credentials.
Public classVerificationMethodContains the certificates and SPNS used by the Federation Server to sign tokens. This class is abstract.
Public classVersionInformationVersion information for a software application. Use VersionInformation when retrieving trust information.
Public classWebSsoAuthenticationEventArgsThis class supports the AD FS infrastructure and is not intended for public use.
Public classWebSsoAuthenticationModuleActs as the resource Web Server HttpModule. Enables ASP.NET applications to use AD FS for authentication.
Public classWebSsoConfigurationExceptionThrown by AD FS for configuration errors either in the web.config or the trust policy.
Public classWebSsoConfigurationHandlerThis class supports the AD FS infrastructure and is not intended to be used directly from your code. A WebSSO configuration handler object.
Public classWebSsoTokenVerifierThis class supports the AD FS infrastructure and is not intended to be used directly from your code. Verifies incoming tokens when called by the authentication service.

This class is not CLS-compliant.

Public classWrongPrincipalExceptionAn exception thrown if the security token, based on collected credentials, pertains to a different principal than the current accelerator token.
Public classX509SigningMethodThis class supports the AD FS infrastructure and is not intended to be used directly from your code. The X509SigningMethod class describes a method of signing tokens using an X509 certificate and its associated private key.
Public classX509VerificationMethodManages the list of certificates used by the Federation Server and is used by the TrustedRealm object. The RevocationFlags enumeration passed to the TrustedRealm object is used by the X509VerificationMethod Class. This is a helper object that is used in coding modifications to trust policies.
 InterfaceDescription
Public interfaceIAccountStoreThis class supports the AD FS infrastructure and is not meant to be used directly from your code.
Public interfaceIClaimTransformExtends the options for how claim transformations are handled by the Federation Server. Use this interface to customize claim transformations and write code to implement those customized transformations. You must register the class that implements this interface by using the CustomTransformation property of the TrustPolicy class, or by specifying it in the Federation Server Administration snap-in.
Public interfaceIFederationServerThis interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IFederationServer interface provides a layer of abstraction to allow the LSAuthenticationObject to function in the same way regardless of whether the FederationServerService object is located in the same process.
Public interfaceIMetabaseHelperThis interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IMetabaseHelper interface exposes configuration functionality through COM to the AD FS Web Agent for Windows NT Token management UI.

This interface is not CLS-compliant.

Public interfaceIWebSsoTokenVerifierThis interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IWebSsoTokenVerifier interface exposes token verification functionality through COM to the AD FS Web Agent Authentication Service.

This interface is not CLS-compliant.

 DelegateDescription
Public delegateWebSsoAuthenticationEventHandlerThe WebSsoAuthenticationEventHandler field supports the AD FS infrastructure and is not intended to be used directly from your code.
 EnumerationDescription
Public enumerationAccountStore.AccountStoreTypeSpecifies the type of account store to which the AccountStore object belongs.
Public enumerationClaimTransformStageIdentifies the point at which a CustomClaimTransform class is called. A CustomClaimTransform class will be called twice, once before the built-in transforms are evaluated, and once after.
Public enumerationClaimTypeThe ClaimType enumeration identifies the claim type to choose.
Public enumerationIdentityClaimTypeThis enumeration supports the AD FS infrastructure and is not meant to be used directly from your code. Identifies the type of identity claim that is being used. Claim configurations are based on specified attributes, such as the common name (CN) attribute, e-mail addresses, UPNs, group SIDs or custom attributes, such as titles.
Public enumerationLSFormActionIndicates the requested operation to an AD FS Web form.
Public enumerationRevocationFlagsIndicates what revocation checking activities should be performed by AD FS, when configured on an X509VerificationMethod object. These flags will eventually be passed to the cryptography CertGetCertificateChain function. The RevocationFlags enumeration is part of the Federation Service’s trust policy configuration.
Public enumerationRSTRStatusThis enumeration supports the AD FS infrastructure and is not intended for public use. An RSTRStatus enumeration is set on an RSTRResult object to indicate the result of the LsRequestSecurityToken and LsRequestSecurityTokenWithCookie methods.
Public enumerationShadowAccountExistanceIndicates whether shadow accounts are known to exist for users from a particular account partner. The ShadowAccountExistance enumeration is part of the Federation Service’s trust policy configuration.
Public enumerationSingleSignOnEventLogLevelDefine the types of event logs and audit events written by AD FS components. The SingleSignOnEventLogLevel enumeration is part of the Federation Service’s trust policy configuration. It is also used in the configuration of the Federation Service proxy and claims-based web agent.
Public enumerationTrustTypesThis enumeration supports the AD FS infrastructure and is not intended for public use.
Public enumerationWebSsoClaimTypeIdentifies the type of WebSSO claim being used.
Footer image

Send comments about this topic to Microsoft.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.