This documentation is archived and is not being maintained.
Additional Information
Windows Identity Foundation
[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]
WIF uses reflection to access private WCF members in the following methods:
-
FederatedSecurityTokenManager.SetWrappedTokenCache. WCF lets a developer replace the
SecurityContextTokencache by returning the cache as an out of band token resolver fromCreateSecurityTokenAuthenticator. However, this cache does not correctly replace the inner cache in theAuthenticatorsinternal property, so WIF adds the cache using reflection. -
FederatedSecurityTokenManager.GetSecurityVersion. The
SecurityTokenVersionfor the twoMessageSecurityVersions"WSSecurity10WSTrust13WSSecureConversation13BasicSecurityProfile10" and "WSSecurity11WSTrust13WSSecureConversation13" indicates the wrong Security version specification in the Security Specification collection. WIF uses reflection to access the correctSecurityVersionby casting the givenSecurityTokenVersionto the internalMessageSecurityTokenVersion. -
WrappedSessionSecurityTokenAuthenticator.ReplaceAuthPolicies. WIF implements its claims model through token validation. However, due to the strict internal implementation in WCF regarding
SecurityContextTokenauthentication and creation, WIF allows WCF to create theSecurityContextTokenand then uses reflection replace the internalAuthorizationPoliciesin the token.
The WIF methods listed previously are themselves private and should not be called.
Show: