CustomTransform Class

 

The transform to use for the CustomModule. Provides a reference to a user provided extensibility class which implements the IClaimTransform interface.

Namespace:   System.Web.Security.SingleSignOn
Assembly:  System.Web.Security.SingleSignOn (in System.Web.Security.SingleSignOn.dll)


[ComVisibleAttribute(true)]
public class CustomTransform : CustomModule

NameDescription
System_CAPS_pubmethodCustomTransform()

Initializes a new instance of the CustomTransform class.

NameDescription
System_CAPS_pubpropertyAssemblyPath

Gets and sets the path to the assembly for this module.(Inherited from CustomModule.)

System_CAPS_pubpropertyClassType

Gets and sets the name of the class which contains the extensibility code.(Inherited from CustomModule.)

System_CAPS_pubpropertyDisabled

Gets or sets whether the trust with this realm is currently active. If this is set, no tokens will be accepted from this partner.(Inherited from TrustPolicyEntryBase.)

System_CAPS_pubpropertyuuid

Gets or sets the universal unique identifier (UUID) for this TrustPolicyEntryBase object.(Inherited from TrustPolicyEntryBase.)

NameDescription
System_CAPS_pubmethodEquals(Object)

(Inherited from Object.)

System_CAPS_protmethodFinalize()

(Inherited from Object.)

System_CAPS_pubmethodGetHashCode()

(Inherited from Object.)

System_CAPS_pubmethodGetType()

(Inherited from Object.)

System_CAPS_protmethodMemberwiseClone()

(Inherited from Object.)

System_CAPS_pubmethodToString()

(Inherited from Object.)

The WebSSO Pluggable Claim Transform Module extends how claim transformations are handled by the Federation Server. It allows you to extend claim transformations and write code to implement your own transformations. The Federation Server administration snap-in will support adding to and deleting from the claim transformation module into the Federation Server trust policy. There is one custom claim transformation module registered per Federation Server.

The following tables indicate when in the claim transformation process the pluggable claim transformation module will be called in relation to the built-in claim transformations. The built-in claim transformation refers to the claim transformations defined in the trust policy. The top row of each table is the first transformation step and the bottom row of the table is the final transformation step. Note that at the final transformation step the outgoing claims are what will be sent in the token returned to the client. In each step some but not all of the claim collections may change. Change is indicated in the table by the version number of the claims in each step. The claims are not shown in the row when they will have no affect on further transformation steps. The claim transformation module is called twice for each scenario allowing a pre-processing stage and a post-processing stage.

The table below describes the order of the claim transformation steps when a token is being requested from the FS-A and getting a token for a FS –R, the resource side of a federation. This same table applies when credentials are either authenticated by an account store or when a cookie is used to authenticate.

Claim Transformation Step

Incoming claims

Corporate claims

Outgoing claims

Account Store

-

1

-

Custom Claim Transformation Module

-

2

1

Built-in claim transformations

-

2

2

Custom Claim Transformation Module

-

-

3

The table below describes the order of the claim transformation steps when a token is being requested from the FS-R and getting a token for a resource Web Server, the account side of a federation.

Claim Transformation Step

Incoming claims

Corporate claims

Outgoing claims

Incoming from FS-A

1

-

-

Custom Claim Transformation Module

2

1

1

Built-in claim transformations to corporate claims

2

2

1

Built in claim filtering for the application

-

2

2

Custom Claim Transformation Module

-

-

3

The table below describes the order of the claim transformation steps when a token is being requested from the FS-R with a cookie and getting a token for a resource Web Server, the account side of a federation. The difference between this table and the previous is that in this table there are no initial incoming claims and only the built in transform from corporate to outgoing application claims.

Claim Transformation Step

Incoming claims

Corporate claims

Outgoing claims

Incoming from cookie

-

1

-

Custom Claim Transformation Module

-

2

1

Built-in claim filtering for the application

-

2

2

Custom Claim Transformation Module

-

-

3

The table below describes the order of the claim transformation steps when a token is being requested from the Federation Server when it is acting as both the FS-A and the FS–R, in other words the client's Federation Server when the resource application directly trusts the Federating Service. This same table applies when either credentials are authenticated by an account store or when a cookie is used to authenticate.

Claim Transformation Step

Incoming claims

Corporate claims

Outgoing claims

Account Store

-

1

-

Custom Claim Transformation Module

-

2

1

Built-in claim filtering for the application

-

2

2

Custom Claim Transformation Module

-

-

3

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top

Community Additions

ADD
Show: