This documentation is archived and is not being maintained.

SignInResponseMessage Class

Windows Identity Foundation
[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

Represents a WS-Federation Sign-In Response message.

Namespace: Microsoft.IdentityModel.Protocols.WSFederation
Assembly: Microsoft.IdentityModel (in Microsoft.IdentityModel.dll)

Dim instance As SignInResponseMessage

public class SignInResponseMessage : WSFederationMessage
public class SignInResponseMessage extends WSFederationMessage
public class SignInResponseMessage extends WSFederationMessage

The following code example from a sample web page accepts an HTTP request and creates a Sign-In Request message and a Sign-In Response message.

namespace SimplePassiveSTS
    public partial class _Default : System.Web.UI.Page
        /// <summary>
        /// Returns whether the user is authenticated or not. 
        /// </summary>
        bool IsAuthenticatedUser
            return ( ( Page.User != null ) && ( Page.User.Identity != null ) && ( Page.User.Identity.IsAuthenticated ) );

        /// <summary>
        /// Helper function that processes the incoming request message
        /// and creates a response message
        /// </summary>
        private SignInResponseMessage ProcessSignInRequest(SignInRequestMessage requestMessage )
            if ( requestMessage == null )
                throw new ArgumentNullException( "requestMessage" );

            // Ensure that the requestMessage has the required ‘wtrealm’ 
            // parameter
            if ( String.IsNullOrEmpty( requestMessage.Realm ) )
                throw new InvalidOperationException(
                    "Incoming Passive Request message didn't contain the wtrealm parameter." );

             // Create a SecurityTokenServiceConfiguration instance

             SecurityTokenServiceConfiguration stsconfig = new SecurityTokenServiceConfiguration( "SimplePassiveSTS" );

            // Create the STS.
            SecurityTokenService sts = new MySecurityTokenService(stsconfig); 

            // Create the WS-Federation serializer to process the request and
            // create the response.
            // This creates the default WSFederationSerializer that handles 
            // the WS-Trust Feb 2005 specification.
            WSFederationSerializer federationSerializer = new WSFederationSerializer();

             // Create RST from the request
             RequestSecurityToken request = federationSerializer.CreateRequest (requestMessage, new WSTrustSerializationContext() );

            // Get RSTR from the STS.
            RequestSecurityTokenResponse response = sts.Issue(ClaimsPrincipal.Current, request );

            // Create WS-Federation Response message from the RSTR
            return new SignInResponseMessage( new Uri( response.ReplyTo ),
                federationSerializer.GetResponseAsString(response, new WSTrustSerializationContext() ) );


        /// <summary>
        /// We perform WS-Federation passive protocol logic in this method 
        ///and call out to the appropriate request handlers. 
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        protected void Page_PreRender( object sender, EventArgs e )
            if ( IsAuthenticatedUser )
                // Use WSFederationMessage.CreateFromUri to parse the request and create a WSFederationMessage. 
                WSFederationMessage federationMessage = WSFederationMessage.CreateFromUri( Request.Url );

                if ( federationMessage.Action == WSFederationConstants.Actions.SignIn )
                    // Process the sign in request. 
                    SignInResponseMessage responseMessage = ProcessSignInRequest(
                        federationMessage as SignInRequestMessage );

                    // Always Echo back the Context (wctx) which came on the // request.
                    responseMessage.Context = federationMessage.Context;

                    // Write the response message.     
                    responseMessage.Write( Page.Response.Output );
                else if ( federationMessage.Action == WSFederationConstants.Actions.SignOut ||
                          federationMessage.Action == WSFederationConstants.Actions.SignOutCleanup )
                   // Perform the clean-up operation here
                    throw new InvalidOperationException( String.Format(
                                  CultureInfo.InvariantCulture, "Unsupported Action: {0}", federationMessage.Action ) );




This message is created when the action parameter (wa) of the received message is “wsignin1.0” and the message contains a wresult or a wresultptr parameter.

When converting a RequestSecurityTokenResponse object to a SignInResponseMessage object, the context attribute on RequestSecurityTokenResponse message is not transferred over, and must be explicitly set.

For more information about the message that this class represents, see the WS-Federation specification. You can find links to this specification and other WS-* specifications relevant to WIF in the Windows Identity Foundation SDK topic.


Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.


Target Platforms

Windows 7, Windows Server 2008 R2, Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2003 SP2 (32-bit or 64-bit)

Copyright © 2008 by Microsoft Corporation. All rights reserved.