Reads configuration data for the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.
Assembly: System.Web.Security.SingleSignOn (in System.Web.Security.SingleSignOn.dll)
Initializes a new instance of theclass.
|Create(Object, Object, XmlNode)|
This method supports the AD FS infrastructure and is not intended for public use.
The web.config in the application root of Federation Service or Federation Service Proxy should register a system.web section called “logonserver” to be handled by this class. Such a registration looks like this:
<configuration> <configSections> <sectionGroup name="system.web"> <section name="logonserver" type="System.Web.Security.SingleSignOn.LogonServerConfigurationHandler, System.Web.Security.SingleSignOn, Version=188.8.131.52, Culture=neutral, PublicKeyToken=31BF3856AD364E35, Custom=null" /> </sectionGroup> </configSections> </configuration>
Element value description
The name of the aspx form which should be invoked for the DiscoverClientRealm action. The default is “discoverclientrealm.aspx”.
The name of the aspx form which should be invoked for the CollectionInitialCredentials and CollectAdditionalCredentials actions. The default is “clientlogon.aspx”.
The name of the aspx form which should be invoked for the CleanupTopLevel and CleanupNested actions. The default is “signout.aspx”.
The name of the aspx form which should be invoked for the PolicyEnforcement action. The default is null, which avoid the PolicyEnforcement action.
The number of seconds to pause before posting a token to a resource partner or application. The default is 0.
On the Federation Service Proxy, this indicates the frequency with which an otherwise idle proxy will consider calling GetProxyTrustInformation to refresh trust policy information from the Federation Service. The default is 30 minutes.
On the Federation Service Proxy, this indicates how old the trust policy information must be to warrant a call to GetProxyTrustInformation. Every policyinterval minutes, if the proxy has not made any call to the Federation Server in policythreshhold minutes or more, it forces a call to GetProxyTrustInformation to update the policy.
On the Federation Service Proxy, this specifies the URL of the Federation Service. Generally, this is of the form “https://fs.example.com/adfs/fs/federationserverservice.asmx”.
On the Federation Service Proxy, this specifies the thumbprint of the certificate from the Local Machine “My” store which should be used to perform client authentication to the Federation Service. This certificate hash must also be configured on the Federation Service in the TrustPolicy.LSClientCertificates collection.
On the Federation Service Proxy, this specifies the value of SingleSignOnEventLogLevel to be used for event logging and auditing. The default is SingleSignOnEventLogLevel.Everything.
Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.