This documentation is archived and is not being maintained.

WSFederationAuthenticationModule Members

Windows Identity Foundation
[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

The WSFederationAuthenticationModule is an HTTP module that lets ASP.NET developers build claims aware applications. The WSFederationAuthenticationModule raises several events, which allows ASP.NET developers to customize its functionality in their applications. The WSFederationAuthenticationModule functionality is divided into task-specific methods to make it easier for ASP.NET developers to reuse and extend its functionality in their applications.

The following tables list the members exposed by the WSFederationAuthenticationModule type.

 NameDescription
 WSFederationAuthenticationModuleInitializes a new instance of the WSFederationAuthenticationModule class.
Top

 NameDescription
public propertyAuthenticationTypeFederation passive "wauth" property.
public propertyFreshnessThis is an optional property applicable when FederationAuthenticationModule. PassiveRedirectEnabled is set to true. Use this property to get or set and optional parameter that identifies the desired maximum age of authentication specified in minutes.
public propertyHomeRealmIdentity provider address.
public propertyIssuerThis is a required property if PassiveRedirectEnabled is set to true. It specifies the URL of the STS where the caller is redirected to for authentication.
public propertyPassiveRedirectEnabledSpecifies whether the module is enabled to initiate WS-Federation passive protocol redirects. This mode of operation of the module enables its use in scenarios that do not employ the Federated Passive SignIn ASP.NET control.
public propertyPersistentCookiesOnPassiveRedirectsSpecifies whether persistent cookies are issued when the module is enabled to initiate WS-Federation passive protocol redirects.
public propertyPolicyFederation passive "wp" property.
public propertyRealmThis is a required property if PassiveRedirectEnabled is set to true. Get or set a required property that is a URI identifying the relying party to the STS. (For identifying the STS to the RP, see Issuer).
public propertyReplyThis is an optional property if PassiveRedirectEnabled is set to true. Get or set this optional parameter to a URL identifying the relying party to the STS.
public propertyRequestThis is an optional property applicable when PassiveRedirectEnabled is set to true. Get or set this optional parameter to send the request as a WS-Trust Request Security Token <RST> element.
public propertyRequestPtrThis is an optional property applicable when PassiveRedirectEnabled is set to true. Get or set an optional parameter that contains a pointer to the request as a Request Security Token <RST> element.
public propertyRequireHttpsIf true, the communication with the passive STS must take place over an https: protocol.
public propertyResourceThis is an optional property applicable when PassiveRedirectEnabled is set to true. Get or set this optional parameter to a URI that identifies the resource being accessed (relying party) to the STS.
public propertyServiceConfiguration  Gets or sets the ServiceConfiguration in effect for this module. (Inherited from HttpModuleBase)
public propertySignInContextRP or STS defined context parameter.
public propertySignInQueryStringQuery string of request, which may contain other message parameters.
public propertySignOutQueryStringAdditional signout query strings.
public propertySignOutReplyUrl to return to after signout.
public propertyXmlDictionaryReaderQuotasGets/Sets the XmlDictionaryReaderQuotas.
Top

(see also Protected Methods)
 NameDescription
public methodCanReadSignInResponseOverloaded. Determines if request is a WS-Federation Passive Protocol SignIn Response message from the STS.
public methodCreateSignInRequestCreates a WS-Federation Passive Protocol SignIn Request, using the WS-Federation parameters configured on the module.
public methodDispose  Disposes of the resources used by the module. (Inherited from HttpModuleBase)
public methodEquals  (Inherited from Object)
public methodstaticFederatedSignOutSign out according to the WS-Federation protocol.
public methodstaticGetFederationPassiveSignOutUrlGets the complete WS-Federation Passive signout url.
public methodGetHashCode  (Inherited from Object)
public methodGetSecurityTokenOverloaded. Reads a SecurityToken.
public methodGetSignInResponseMessageReads a SignInResponseMessage from the given HttpRequest.
public methodGetType  (Inherited from Object)
public methodGetXmlTokenFromMessageOverloaded.  
public methodInit  Initializes the module. (Inherited from HttpModuleBase)
public methodIsSignInResponseReturns true if request is recognized as a SignIn response.
public methodRedirectToIdentityProviderRedirect user to identity provider STS for obtaining a token using WS-Federation Passive Protocol.
public methodSetPrincipalAndWriteSessionTokenSet the thread principal and write the cookie.
public methodSignOutSign out and raise appropriate events.
public methodToString  (Inherited from Object)
public methodVerifyPropertiesVerifies that the Issuer and realm are non-empty and that, if HTTPS is required, the issuer and reply are HTTPS.
Top

 NameDescription
protected methodFinalize  (Inherited from Object)
protected methodGetReferencedResultGet the wresult string from a referenced URL.
protected methodGetReturnUrlFromResponseExtract the originally requested page (ReturnUrl) from the response.
protected methodGetSessionTokenContextContext to be persisted with the cookie. When using WS-Federation Passive protocol, we concatenate a type name to the signout url so we can initiate the signout protocol.
protected methodGetSignOutRedirectUrlDetermines the url to redirect to when processing a federated sign-out request containing a wreply parameter.
protected methodInitializeModuleOverridden. Initializes a module and prepares it to handle requests.
protected methodInitializePropertiesFromConfigurationInitialize module properties based on definitions in the configuration file.
protected methodMemberwiseClone  (Inherited from Object)
protected methodOnAuthenticateRequestHandle the HTTP pipeline AuthenticateRequest event, after ensuring that the module has been initialized.
protected methodOnAuthorizationFailedRaise the AuthorizationFailed event.
protected methodOnEndRequestHandle the HTTP pipeline EndRequest event.
protected methodOnPostAuthenticateRequestEvent handler for Application.PostAuthenticateRequest
protected methodOnRedirectingToIdentityProviderRaise the RedirectingToIdentityProvider event.
protected methodOnSessionSecurityTokenCreatedRaise the SessionSecurityTokenCreated event.
protected methodOnSignedInRaise the SignedIn event.
protected methodOnSignedOutRaise the SignedOut event.
protected methodOnSignInErrorRaise the SignInError event.
protected methodOnSigningOutRaise the SigningOut event.
protected methodOnSignOutErrorRaise the SignOutError event.
Top

 NameDescription
public eventAuthorizationFailedOccurs when the WSFederationAuthenticationModule is determining if it should redirect the user to the Identity summary. This event fires when authorization has failed for a HTTP request. Redirecting to IdentityProvider is controlled by setting the RedirectToIdentityProvider property on the AuthorizationFailedEventArgs. The RedirectingToIdentityProvider event can be used to modify the URL or cancel the redirect.To handle this event in an ASP.NET application, create a method called WSFederationAuthentication_AuthorizationFailed in the global.asax file.
public eventRedirectingToIdentityProviderOccurs when the WSFederationAuthenticationModule is going to redirect the user to the Identity Provider. This event handler can be used to change the SignInRequestMessage.
public eventSecurityTokenReceivedOccurs when a security token has been received for processing.
public eventSecurityTokenValidatedOccurs when a security token has been received for processing.
public eventSessionSecurityTokenCreatedOccurs when a session security token has been created.
public eventSignedInEvent raised after the user is signed in.
public eventSignedOutEvent raised after the user is signed out.
public eventSignInErrorEvent raised when a signin error occurs.
public eventSigningOutOccurs before deleting the sign-in session.
public eventSignOutErrorEvent raised when signout error occurs.
Top



Copyright © 2008 by Microsoft Corporation. All rights reserved.
Show: