System.Web.Security.SingleSignOn Namespace

 

Contains the types that expose the Single Sign-on functionality for Active Directory Federation Services (ADFS).

Classes

AccountStore

Represents a service that defines identities and attributes for controlling user access to Web site resources, such as Active Directory Domain Services.

AccountStoreCollection

Defines methods and properties for a collection of AccountStore objects.

ActiveDirectoryAccountStore

An Active Directory account store.

ActiveDirectoryGroupClaim

A type of GroupClaim that has an Active Directory group object associated with it. If the organizational claims in the token contain an ActiveDirectoryGroupClaim object, that security principal is considered a member of the Active Directory group object associated with it.

ADGroupGeneration

Configures an ActiveDirectoryAccountStore so that the Federation Server generates group claims at run-time for authenticated users. Claims configurations are based on specified attributes, such as the common name (CN) attribute, e-mail addresses, UPNs, group SIDs or custom attributes, such as titles.

ADGroupGenerationCollection

A collection of ADGroupGeneration objects.

BoundedSizeLogFileTraceListener

Directs tracing or debugging output to a Writer.

CertificateChainContext

A managed wrapper for the native CERT_CHAIN_CONTEXT structure. For more information about the CERT_CHAIN_CONTEXT structure, see "CERT_CHAIN_CONTEXT" in the security section of the MSDN library.

CertificateContext

A managed wrapper for the native CERT_CONTEXT structure. For more information about the CERT_CONTEXT structure, see "CERT_CONTEXT" in the security section of the MSDN library.

CertificateException

The exception thrown when a certificate error occurs.

CertificateHasNoPrivateKeyException

Configured signing certificates should contain private keys that are used to sign data. This exception is thrown if the certificate configured as a signing certificate does not have its private key.

CertificateNotFoundException

The exception thrown when a certificate is not found.

CertInfo

The CertInfo object supports the AD FS infrastructure and is not intended to be used directly from your code. Used by the X509VerificationMethod to identify a particular certificate in the FederationCertificates certificate store of the TrustPolicy.

CertInfoCollection

A collection of CertInfo objects.

ClaimFactory

Creates different types of claim, claim generation, and claim transformation objects.

ClaimFilteringTransform

A transform for claim filtering on the trusting realm. The claim filtering will apply to the TrustingRealmClaimTransformation object. The application applies the filters while it is processing corporate claims and outgoing claims on the resource side of the Federation Server. The ClaimFilteringTransform object specifies how incoming claims will be filtered for a TrustingRealm or a TrustingApplication object.

ClaimsMappingException

The exception that is thrown if the Federation Service encountered an exception during claims mapping.

ClientCredentialInfo

Contains information about client credentials, such as the authentication method that the client uses, information about the certificate, the client name and password, the account store URI, and so on.

CommonNameClaimTransform

A transform to use for common name (CN) claims.

CorporateClaims

A collection of group claims and custom claims that have relevance in a particular organization.

CorporateClaimUuidCollection

A collection of universal unique identifiers (UUIDs) for corporate claims.

CredentialsVerificationException

The exception that is thrown when credentials verification fails.

CredentialsVerificationInfo

Contains the detailed results of credentials verification. Details include information about the Account Store that verified or failed to verify the credentials, resulting success or failure codes, and other information that could be useful for a detailed audit.

CustomClaim

A custom claim on a trusting or trusted realm.

CustomClaimCollection

A collection of CustomClaim objects.

CustomClaimLdapAttribute

A class that defines a method for mapping LDAP attributes to CustomClaims.

CustomClaimLdapAttributeCollection

A collection of CustomClaimLdapAttribute objects.

CustomClaimTransform

A transform for a custom claim.

CustomClaimTransformCollection

A collection of CustomClaimTransform objects.

CustomModule

Provides a reference to a user-provided extensibility class. Custom modules implement interfaces defined in WebSSO.

CustomTransform

The transform to use for the CustomModule. Provides a reference to a user-provided extensibility class that implements the IClaimTransform interface.

DebugLogSwitch

This class supports the AD FS infrastructure and is not intended to be used directly from your code. An abstract base class for debug tracing.

FederationCertificates

AD FS token verification certificates in the Federation Service Certificate Store.

FederationServerConfiguration

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Encapsulates the configuration parameters of the federation server from web.config.

FederationServerConfigurationHandler

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Invoked by ASP.NET to load configuration changes made to the web.config.

FederationServerService

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Represents a Federation Server Web service.

FederationServerSoapProxy

This class supports the AD FS infrastructure and is not meant to be used directly from your code. The AD FS Web Agent and the Federation Service Proxy use this class to communicate with the Federation Server.

FsInformationData

This class supports the AD FS infrastructure and is not meant to be used directly from your code. This class encapsulates the FS trust information that is retrieved by the WS by means of the GetFsTrustInformation web method call.

GroupClaim

A group claim for the trusting or trusted realm.

GroupClaimCollection

A collection of GroupClaim objects.

GroupClaimTransform

A transform for a GroupClaim object.

GroupClaimTransformCollection

A collection of GroupClaimTransform objects.

GroupLdapAttribute

Specifies how to populate a GroupClaim based on the value of an LDAP user attribute, when added to a GroupLdapAttributeCollection as part of an LdapClaimGeneration object for an AccountStore. At authentication time, the LDAP attribute specified in the GroupAttribute property will be queried, and if any of its values match the value specified in GroupAttributeValue it will cause the group claim, identified by CorporateGroupUuid, to be added to the user claims. If using an active scripting language like VBScript, the recommended method for constructing a GroupLdapAttribute object is CreateGroupLdapAttribute.

GroupLdapAttributeCollection

A collection of GroupLdapAttribute objects.

GroupToUpnClaimTransform

Transforms a GroupClaim to a UpnClaim.

GroupToUpnClaimTransformCollection

An ordered list of GroupToUpnClaimTransform objects.

KerberosSigningMethod

Defines a way for the Federation Service to digitally sign an AD FS token for an application (represented in the trust policy by a TrustingApplication object). Such tokens are signed using symmetric keys which are securely shared using the Kerberos security protocol of a Windows forest. A KerberosSigningMethod defined for a particular application overrides the global default X509SigningMethod defined in a Federation Service’s web.config file. Because the KerberosSigningMethod utilizes a cached symmetric session key, it may provide performance benefits over the default asymmetric-key-based signing method.

KerberosVerificationMethod

This class supports the AD FS infrastructure and is not intended to be used directly from your code. The KerberosVerificationMethod class is used by the AD FS web agents to verify AD FS tokens with Kerberos-based digital signatures.

LdapClaimGeneration

Defines a way of populating claims for an LDAP-based account store (represented by an LdapDirectoryAccountStore object in the trust policy). Attributes on user objects can be mapped into email, UPN, common name, group, or custom claims. The UPNAttribute property must be null when the LdapClaimGeneration applies to Active Directory.

LdapDirectoryAccountStore

Specifies properties about connecting to, authenticating users against, and generating claims from an LDAP-based account store. As a top level member of the TrustPolicy’s TrustedAccountStores collection, it represents an ADAM account store. As a property of an ActiveDirectoryAccountStore object it specifies LDAP-related configuration for Active Directory.

LogonServerConfigurationHandler

Reads configuration data for the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.

LSAuthenticationModule

Implements the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.

LSAuthenticationObject

Allows web forms (like clientlogon.aspx) to interact with the Federation Service or Federation Service Proxy on which they are running.

LSCleanupFormContext

Provides the information necessary for a Web form to perform state cleanup.

LSCredentialFormContext

Provides the information needed for a Web form to collect credentials.

LSDiscoveryFormContext

Provides the information necessary for a Web form to discover the client home realm.

LSFormContext

Enables the logon server to communicate to ASP.NET Web forms that it invokes. This object may be cast to a more specific context type based on the value in the CurrentAction property.

LSPolicyFormContext

Provides the information needed for the PolicyEnforcement action.

MetabaseHelper

This class supports the AD FS infrastructure and is not intended to be used directly from your code. The MetabaseHelper class exposes configuration functionality through COM to the AD FS Web Agent for Windows NT Token management UI.

Namespaces

This class supports the AD FS infrastructure and is not intended to be used directly from your code. The Namespaces class is used to override the default WS* and claims namespaces used by AD FS when generating WS-Federation Passive Requester Interoperability Profile messages and SAML tokens.

NameSuffixTransform

Configured as part of a TrustingRealmClaimTransformation object to specify how to transform email or UPN suffixes for consumption by a resource partner.

NameSuffixValidationTransform

Configured as part of a TrustedRealmClaimTransformation object to indicate the e-mail or UPN namespaces for which an account partner is trusted to issue tokens. The NameSuffixValidationTransform class is part of the Federation Service’s trust policy configuration.

NoAcceptableCredentialException

The exception that is thrown when no acceptable credential is provided.

ProxyConfigurationInformation

Specifies the configuration information that the Federation Server and any Federation Server proxies use to write cookies. The ProxyConfigurationInformation class is part of the Federation Service’s trust policy configuration.

ProxyInformation

This class supports the AD FS infrastructure and is not intended to be used directly from your code. A ProxyInformation object is retrieved by a Federation Service proxy by calling GetFsTrustInformation, and contains configuration information necessary for the proxy to function.

RSTRResult

This class supports the AD FS infrastructure and is not intended for public use. An RSTRResult object is used by the Federation Service to return the result of the LsRequestSecurityToken and LsRequestSecurityTokenWithCookie methods.

SigningMethod

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Its derived classes are part of the Federation Service’s trust policy configuration. However, user code should not derive from this class.

SingleSignOnIdentity

Used by the ASP.NET web application to get direct claim information about the authenticated client. The web application can also control the occurrences of redirects to the logon server.

SingleSignOnMembershipProvider

The SingleSignOnMembershipProvider class is intended for use by the Windows SharePoint Services (WSS) version 3 scenario.

SingleSignOnRoleProvider

The SingleSignOnRoleProvider class is intended to be used for the Windows SharePoint Services version 3 scenario.

TrustConfigurationData

The TrustConfigurationData class supports the AD FS infrastructure and is not intended to be used directly from your code.

TrustedRealm

The trusted realm which represents a trusted account partner.

TrustedRealmClaimTransformation

Defines the claim transformations used in the trust policy. These objects will be used for incoming corporate claim transformations from the TrustedRealm (account partner) this transformation is defined on.

TrustedRealmCollection

A collection of TrustedRealm objects.

TrustedWindowsDomains

Represents Windows domains that are allowed from this account partner, assuming this realm is a Windows realm. For example, this partner is in a forest which is trusted by the forest to which this Federation Server is joined.

TrustingApplication

Gets or sets a TrustingRealmClaimTransformation to use for transforming claims for this trusting application.

TrustingApplicationCollection

A collection of TrustingApplication objects.

TrustingRealm

The trusting realm represents a trusting resource partner.

TrustingRealmClaimTransformation

Defines the claim transformations used in the trust policy. The TrustingRealmClaimTransformation objects will be used for outgoing corporate claim transformations to the TrustingRealm (resource partner) that this transformation is defined on.

TrustingRealmCollection

A collection of TrustingRealm objects.

TrustPolicy

Administers the trust policy.

TrustPolicyEntry

This class supports the AD FS infrastructure and is not meant to be used directly from your code. Represents an entry in a TrustPolicy object.

TrustPolicyEntryBase

This class supports the AD FS infrastructure and is not meant to be used directly from your code. The base entry for a trust policy.

TrustPolicyEntryCollection

A collection of TrustPolicyEntry objects.

TrustPolicyFactory

Creates trust policies. If you are using an active scripting language like VBScript, this is the recommended class for constructing or loading a TrustPolicy object.

TrustPolicyStringCollection

This class supports the AD FS infrastructure and is not meant to be used directly from your code. A collection of strings used for a trust policy.

TrustRealm

The trust realm. This serves as the base class for trust entities like realms and applications in the Trust policy.

UpnClaim

Represents a claim that has a user principal name (UPN) in a Kerberos format. For example, user@contoso.com.

UserValidationInfo

Defines information returned by an account store after validating user credentials.

VerificationMethod

Contains the certificates and SPNs used by the Federation Server to sign tokens. This class is abstract.

VersionInformation

Version information for a software application. Use VersionInformation when retrieving trust information.

WebSsoAuthenticationEventArgs

This class supports the AD FS infrastructure and is not intended for public use.

WebSsoAuthenticationModule

Acts as the resource Web Server HttpModule. Enables ASP.NET applications to use AD FS for authentication.

WebSsoConfigurationException

Thrown by AD FS for configuration errors either in the web.config or the trust policy.

WebSsoConfigurationHandler

This class supports the AD FS infrastructure and is not intended to be used directly from your code. A WebSSO configuration handler object.

WebSsoTokenVerifier

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Verifies incoming tokens when called by the authentication service.

WrongPrincipalException

An exception thrown if the security token, based on collected credentials, pertains to a different principal than the current accelerator token.

X509SigningMethod

This class supports the AD FS infrastructure and is not intended to be used directly from your code. The X509SigningMethod class describes a method of signing tokens using an X509 certificate and its associated private key.

X509VerificationMethod

Manages the list of certificates used by the Federation Server and is used by the TrustedRealm object. The RevocationFlags enumeration passed to the TrustedRealm object is used by the X509VerificationMethod Class. This is a helper object that is used in coding modifications to trust policies.

Interfaces

IAccountStore

This interface supports the AD FS infrastructure and is not meant to be used directly from your code.

IClaimTransform

Extends the options for how claim transformations are handled by the Federation Server. Use this interface to customize claim transformations and write code to implement those customized transformations. You must register the class that implements this interface by using the CustomTransformation property of the TrustPolicy class, or by specifying it in the Federation Server Administration snap-in.

IFederationServer

This interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IFederationServer interface provides a layer of abstraction to allow the LSAuthenticationObject to function in the same way regardless of whether the FederationServerService object is located in the same process.

IMetabaseHelper

This interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IMetabaseHelper interface exposes configuration functionality through COM to the AD FS Web Agent for Windows NT Token management UI.

IWebSsoTokenVerifier

This interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IWebSsoTokenVerifier interface exposes token verification functionality through COM to the AD FS Web Agent Authentication Service.

Delegates

WebSsoAuthenticationEventHandler

The WebSsoAuthenticationEventHandler delegate supports the AD FS infrastructure and is not intended to be used directly from your code.

Enumerations

AccountStore.AccountStoreType

Specifies the type of account store to which the AccountStore object belongs.

ClaimTransformStage

Identifies the point at which a CustomClaimTransform class is called. A CustomClaimTransform class will be called twice, once before the built-in transforms are evaluated, and once after.

ClaimType

The ClaimType enumeration identifies the claim type to choose.

IdentityClaimType

This enumeration supports the AD FS infrastructure and is not meant to be used directly from your code. Identifies the type of identity claim that is being used. Claim configurations are based on specified attributes, such as the common name (CN) attribute, e-mail addresses, UPNs, group SIDs or custom attributes, such as titles.

LSFormAction

Indicates the requested operation to an AD FS Web form.

RevocationFlags

Indicates what revocation checking activities should be performed by AD FS, when configured on an X509VerificationMethod object. These flags will eventually be passed to the cryptography CertGetCertificateChain function. The RevocationFlags enumeration is part of the Federation Service’s trust policy configuration.

RSTRStatus

This enumeration supports the AD FS infrastructure and is not intended for public use. An RSTRStatus enumeration is set on an RSTRResult object to indicate the result of the LsRequestSecurityToken and LsRequestSecurityTokenWithCookie methods.

ShadowAccountExistance

Indicates whether shadow accounts are known to exist for users from a particular account partner. The ShadowAccountExistance enumeration is part of the Federation Service’s trust policy configuration.

SingleSignOnEventLogLevel

Defines the types of event logs and audit events written by AD FS components. The SingleSignOnEventLogLevel enumeration is part of the Federation Service’s trust policy configuration. It is also used in the configuration of the Federation Service proxy and claims-based web agent.

TrustTypes

This enumeration supports the AD FS infrastructure and is not intended for public use.

WebSsoClaimType

Identifies the type of WebSSO claim being used.
