
CustomClaim Class

A custom claim on a trusting or trusted realm.


Namespace: System.Web.Security.SingleSignOn
Assembly: System.Web.Security.SingleSignOn (in system.web.security.singlesignon.dll)

A claim set defines the language that can be used within a corporation or between two agreeing corporations. When used between two corporations, it embodies a business-level agreement to exchange the defined authorization data.

The following are the supported claim producers and consumers for custom claims:

  • Active Directory Account Store. When the Active Directory store is configured, the Federation Service administrator can specify which LDAP user attributes contain claim values and then assign each attribute name to an Organization custom claim.

  • ADAM Account Store. When the ADAM account store is configured, the Federation Service administrator can specify which LDAP user attributes contain claim values. The administrator then assigns each attribute name to an Organization custom claim.

  • Account Partner. When the account partner is configured, the Federation Service administrator will specify a set of incoming names of custom claims that will be accepted from the partner and map each possible incoming name to an Organization custom claim (note that this creates a name transform). If an incoming custom claim is encountered that has no transform, it will be discarded.

  • Resource Partner. When the resource partner is configured, the Federation Service administrator can specify a set of outgoing custom claims that will be accepted by the resource partner and map each possible outgoing custom claim to an Organization custom claim (note that this creates a set of name transforms). Organization custom claims that match no Outgoing custom claim will be discarded.

  • Claims-Aware Application. When the application is configured, the Federation Service administrator will specify the Organization custom claims that will be sent to the application. Organization custom claims that are not designated to be sent to the application will be discarded.
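
The name transforms and discard rules in the list above act as an allow-list at every hop: a custom claim survives only if the administrator mapped or designated it. The following model is an added example, not code from this reference page and not the System.Web.Security.SingleSignOn API. It assumes an account-side Federation Service sending to a resource-side Federation Service that feeds one claims-aware application; every claim name and value is constructed.

```python
# Model of custom-claim name transforms with discard auditing.
# Not the ADFS API: function names, claim names and values are constructed.

def apply_transform(claims, name_map):
    """Rename each claim via name_map; a claim with no mapping is discarded.

    Returns (kept, discarded_names) so dropped claims can be audited.
    """
    kept, discarded = {}, []
    for name, value in claims.items():
        if name in name_map:
            kept[name_map[name]] = value
        else:
            discarded.append(name)
    return kept, sorted(discarded)


def filter_for_application(org_claims, designated):
    """Keep only Organization claims designated for the application."""
    kept = {n: v for n, v in org_claims.items() if n in designated}
    return kept, sorted(set(org_claims) - set(designated))


# Account side, resource partner config: Organization name -> outgoing name.
OUTGOING_MAP = {"PurchaseLimit": "SpendCap", "CostCenter": "CC", "Region": "Geo"}
# Resource side, account partner config: incoming name -> Organization name.
INCOMING_MAP = {"SpendCap": "OrderLimit", "Geo": "SalesRegion"}
# Resource side, application config: Organization claims sent to the app.
APP_DESIGNATED = {"OrderLimit"}


def run_sample():
    """Push one constructed claim set through all three stages."""
    account_org = {"PurchaseLimit": "5000", "CostCenter": "4411",
                   "Region": "EMEA", "BadgeId": "A-17"}
    wire, drop_out = apply_transform(account_org, OUTGOING_MAP)
    resource_org, drop_in = apply_transform(wire, INCOMING_MAP)
    app, drop_app = filter_for_application(resource_org, APP_DESIGNATED)
    return {"wire": wire, "resource_org": resource_org, "app": app,
            "discarded": {"outgoing": drop_out, "incoming": drop_in,
                          "application": drop_app}}


if __name__ == "__main__":
    for stage, result in run_sample().items():
        print(stage, result)
```

Recording the discarded names at each stage shows which authorization data never reaches the application, which is the first thing to check when an access decision differs from what the partner agreement intended.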

System.Object
   System.Web.Security.SingleSignOn.TrustPolicyEntryBase
    System.Web.Security.SingleSignOn.CustomClaim

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Development Platforms

Target Platforms

Windows Server 2008, Windows Server 2003, Windows Vista, Windows Server 2003 R2, Windows XP