System.IdentityModel.Services Namespace

The System.IdentityModel.Services namespace primarily contains classes that are used in applications built using Windows Identity Foundation (WIF) that perform federated authentication with the WS-Federation protocol. It contains the HTTP Modules, WSFederationAuthenticationModule (WSFAM) and SessionAuthenticationModule (SAM), as well as classes that support their operation. The WSFAM provides handling for the WS-Federation sign-in and sign-out sequences and the SAM provides session management by maintaining and handling cookies. The namespace also contains classes that represent WS-Federation messages (WSFederationMessage), such as sign-in (SignInRequestMessage, SignInResponseMessage) and sign-out messages (SignOutRequestMessage), as well as serializers that serialize and deserialize between the object model and the on-the-wire representations of these messages.

Classes

AsynchronousOperationException

The exception that is thrown when an error occurs during an asynchronous operation.

AttributeRequestMessage

Represents a WS-Federation Attribute Request message. This message is created when the wa parameter in the received message is "wattr1.0".

AuthorizationFailedEventArgs

Provides data for the AuthorizationFailed event.

ChunkedCookieHandler

Represents a cookie handler that writes cookie data so that cookies never exceed a set size.

ChunkedCookieHandlerElement

Represents the <chunkedCookieHandler> configuration element.

ClaimsAuthorizationModule

Represents an HTTP module that performs claims-based authorization.

ClaimsPrincipalPermission

Represents a permission that uses a ClaimsAuthorizationManager implementation to determine if access to a resource should be granted to the active principal. This class cannot be inherited.

ClaimsPrincipalPermissionAttribute

Represents a security attribute used to declaratively assign access checks based on the logic provided by the ClaimsAuthorizationManager instance in the current application context. This class cannot be inherited.

CookieHandler

Provides an abstract base class for reading, writing, and deleting session cookies on an HTTP client.

CookieHandlerElement

Represents the <cookieHandler> configuration element.

ErrorEventArgs

Provides data for the SignOutError event.

FederatedAuthentication

Provides access to state pertinent to all HTTP modules relevant to federated authentication in the web application.

FederatedAuthenticationSessionEndingException

Indicates that the sign-in session should being terminated, and the current request is unauthenticated.

FederatedPassiveSecurityTokenServiceOperations

A utility class that encapsulates the operations typically performed by a Federated Passive Security Token Service.

FederatedSessionExpiredException

The exception that is thrown when a session has expired.

FederationException

Base class for exceptions raised in WS-Federation support.

FederationManagement

Defines static methods for creating Federation Metadata documents and for updating application configuration based on Federation Metadata documents.

FederationMessage

Defines the base class from which all federation message classes derive.

HttpModuleBase

The base class from which HTTP modules that are configurable with the <system.identityModel.services> element (SystemIdentityModelServicesSection) derive.

MachineKeyTransform

Protects session tokens with the cryptographic material specified in the <machineKey> section of the web.config or machine.config configuration file.

PseudonymRequestMessage

Represents a WS-Federation Pseudonym Request message. This message is created when the received message wa parameter is "wpseudo1.0".

RedirectingToIdentityProviderEventArgs

Provides data for the RedirectingToIdentityProvider event.

SecurityTokenReceivedEventArgs

Provides data for the SecurityTokenReceived event.

SecurityTokenValidatedEventArgs

Provides data for the SecurityTokenValidated event.

ServiceCertificateElement

Represents the <serviceCertificate> element in a configuration file.

SessionAuthenticationModule

Implements an ASP.NET module that processes session cookies in WS-Federation scenarios.

SessionSecurityTokenCreatedEventArgs

Provides data for the SessionSecurityTokenCreated event and for the SessionSecurityTokenCreated event.

SessionSecurityTokenReceivedEventArgs

Provides data for the SessionSecurityTokenReceived event.

SessionSecurityTokenResolver

Resolves session security tokens from the current cache.

SigningOutEventArgs

Provides data for the SigningOut event.

SignInRequestMessage

Represents a WS-Federation Sign-In Request message.

SignInResponseMessage

Represents a WS-Federation Sign-In Response message.

SignOutCleanupRequestMessage

Represents a WS-Federation Sign-Out Cleanup message. The message is created when the received message has the action parameter (wa) set to "wsignoutcleanup1.0".

SignOutRequestMessage

Represents a WS-Federation sign-out message. This message is created when the received message has the action parameter (wa) set to "wsignout1.0".

WSFederationAuthenticationModule

The WSFederationAuthenticationModule is an HTTP module which is used to secure an ASP.NET application by enforcing federated authentication settings on incoming requests. The WSFederationAuthenticationModule is the main module that WIF offers out of the box for handling claims-based identity access in ASP.NET applications.

The WSFederationAuthenticationModule raises several events, which allows ASP.NET developers to change the default behavior and control the details of how authentication and claims processing take place. The WSFederationAuthenticationModule functionality is divided into task-specific methods.

WSFederationMessage

Represents a WS-Federation message and defines the base class from which more specialized WS-Federation message classes derive.

WSFederationMessageException

The exception that is thrown when an error occurs while serializing or deserializing a WS-Federation message.

WSFederationSerializer

Provides methods to convert a WS-Federation message to RequestSecurityToken and RequestSecurityTokenResponse objects, which are WS-Trust protocol specific.

Enums

ApplicationType

Specifies the kind of application.

CookieHandlerMode

Specifies the cookie handler modes that are supported.

Defines the possible values of the Mode property. This property defines the kind of cookie handler that a CookieHandlerElement object configures. For more information, see the CookieHandlerElement class.