Web Agent for Claims-Aware Applications

Applies To: Windows Server 2008

The claims-aware agent is used on a Web server that hosts a claims-aware application to allow the querying of Active Directory Domain Services (AD DS) security token claims. A claims-aware application is a Microsoft ASP.NET application that uses claims that are present in an Active Directory Federation Services (AD FS) security token to make authorization decisions and provide additional application personalization.


The following is a list of all aspects that are part of this managed entity:

Name Description

Claims-Aware Application Configuration

AD FS Web Agent for claims-aware applications configuration logs how the claims-aware agent processes configuration information in the web.config file.

Claims-Aware Application Malformed Requests

Web Agent for Claims-Aware Applications Malformed Requests logs token requests, session cookies, and sign-in requests that are associated with the claims-aware agent. Malformed Requests also provides information about protocol requests that are made to the AD FS Web Agent and client cookies, and it records any sign-on issues.

Claims-Aware Application Membership/Role Provider

Web Agent for Claims-Aware Applications Membership/Role Providers log the creation and management of users accounts, group accounts, and the various roles that are associated with the claims-aware agent.

Federation Service Communication

Federation Service communication is communication between federation servers and Web servers that host the claims-aware agent. The Web server should be updated from the Federation Service. Federation Service communication fails when the Active Directory Federation Services (AD FS) Web Agent cannot be updated.

Active Directory Federation Services