WSFederationAuthenticationModule.CanReadSignInResponse Method (HttpRequestBase, Boolean)

.NET Framework (current version)

The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Returns a value that indicates whether the specified HTTP request is a WS-Federation sign-in response message. If the message is a WS-Federation sign-out clean-up message (“wsignoutcleanup1.0”), this method processes the request.

Namespace:   System.IdentityModel.Services
Assembly:  System.IdentityModel.Services (in System.IdentityModel.Services.dll)

public virtual bool CanReadSignInResponse(
	HttpRequestBase request,
	bool onPage


Type: System.Web.HttpRequestBase

The incoming HTTP request.

Type: System.Boolean

true if the call originates while processing a page request. false if the caller is an HTTP module. This parameter determines how to terminate processing or send redirects if the incoming message is a WS-Federation sign-out cleanup message (“wsignoutcleanup1.0”).

Return Value

Type: System.Boolean

true if the specified HTTP request contains a FORM post in which the wa parameter is set to “wsignout1.0” and the wresult parameter is not empty; otherwise false.

Exception Condition

request is null.

This method is invoked from the request processing pipeline through the WSFederationAuthenticationModule.CanReadSignInResponse(HttpRequestBase) overload to determine whether the incoming HTTP request is a form POST that contains a WS-Federation sign-in response message.

The default implementation performs the following:

  • If the incoming request is a form POST, it calls the IsSignInResponse method to determine whether the form POST contains a sign-in response.

  • If the incoming request is not a form POST, and the request contains a WS-Federation sign-out clean-up request (the wa parameter is “wsignoutcleanup1.0”), sign-out clean-up is performed. In this case, the WSFederationAuthenticationModule.SignOut(Boolean) method is invoked (with the parameter set to true to indicate a sign-out clean-up) to sign out of the session. This also causes the sign-out events to be raised.

    Next, if the sign-out clean-up request contains a wreply parameter, the client is redirected to the URL returned by the GetSignOutRedirectUrl method; otherwise, an image of a green check mark is returned to the STS. The receipt of this image can be used by the STS as a confirmation that the sign-out clean-up request was received and successfully processed by the RP.

.NET Framework
Available since 4.5
Return to top