System.Web.Security.SingleSignOn Namespace

  • Article

 

Contains the types that expose the Single Sign-on functionality for Active Directory Federation Services (ADFS).

Classes

Class Description
System_CAPS_pubclass AccountStore

Represents a service that defines identities and attributes for controlling user access to Web site resources, such as Active Directory Domain Services.
System_CAPS_pubclass AccountStoreCollection

Defines methods and properties for a collection of AccountStore objects.
System_CAPS_pubclass ActiveDirectoryAccountStore

An Active Directory account store.
System_CAPS_pubclass ActiveDirectoryGroupClaim

A type of GroupClaim that has an active directory group object associated with it. If the organizational claims in the token contain an ActiveDirectoryGroupClaim object, that security principal is considered a member of the Active Directory group object associated with it.
System_CAPS_pubclass ADGroupGeneration

Configures an ActiveDirectoryAccountStore so that the Federation Server generates group claims at run-time for authenticated users. Claims configurations are based on specified attributes, such as the common name (CN) attribute, e-mail addresses, UPNs, group SIDs or custom attributes, such as titles.
System_CAPS_pubclass ADGroupGenerationCollection

A collection of ADGroupGeneration objects.
System_CAPS_pubclass BoundedSizeLogFileTraceListener

Directs tracing or debugging output to a Writer.
System_CAPS_pubclass CertificateChainContext

A managed wrapper for the native CERT_CHAIN_CONTEXT structure. For more information about the CERT_CHAIN_CONTEXT structure, see "CERT_CHAIN_CONTEXT" in security section of the MSDN library.
System_CAPS_pubclass CertificateContext

A managed wrapper for the native CERT_CONTEXT structure. For more information about the CERT_CONTEXT structure, see "CERT_CONTEXT" in security section of the MSDN library.
System_CAPS_pubclass CertificateException

The exception thrown when a certificate error occurs.
System_CAPS_pubclass CertificateHasNoPrivateKeyException

Configured signing certificates should contain private keys that are used to sign data. This exception is thrown if the certificate configured as a signing certificate does not have its private key.
System_CAPS_pubclass CertificateNotFoundException

The exception thrown when a certificate is not found.
System_CAPS_pubclass CertInfo

This API supports the product infrastructure and is not intended to be used directly from your code. The CertInfo object supports the AD FS infrastructure and is not intended to be used directly from your code. Used by the X509VerificationMethod to identify a particular certificate in the FederationCertificates certificate store of the TrustPolicy.
System_CAPS_pubclass CertInfoCollection

A collection of CertInfo objects.
System_CAPS_pubclass ClaimFactory

Creates different types of claim, claim generation, and claim transformation objects.
System_CAPS_pubclass ClaimFilteringTransform

A transform for claim filtering on the trusting realm. The claim filtering will apply to the TrustingRealmClaimTransformation object. The application applies the filters while it is processing corporate claims and outgoing claims on the resource side of the Federation Server. The ClaimFilteringTransform object specifies how incoming claims will be filtered for a TrustingRealm or a TrustingApplication object.
System_CAPS_pubclass ClaimsMappingException

The exception that is thrown if the Federation Service encountered an exception during claims mapping.
System_CAPS_pubclass ClientCredentialInfo

Contains information about client credentials, such as the authentication method that the client uses, information about the certificate, the client name and password, the account store URI, and so on.
System_CAPS_pubclass CommonNameClaimTransform

A transform to use for common name (CN) claims.
System_CAPS_pubclass CorporateClaims

A collection of group claims and custom claims that have relevance in a particular organization.
System_CAPS_pubclass CorporateClaimUuidCollection

A collection of universal unique identifiers (UUIDs) for corporate claims.
System_CAPS_pubclass CredentialsVerificationException

The exception that is thrown when credentials verification fails.
System_CAPS_pubclass CredentialsVerificationInfo

Contains the detailed results of credentials verification. Details include information about the Account Store that verified or failed to verify the credentials, resulting success or failure codes, and other information that could be useful for a detailed audit.
System_CAPS_pubclass CustomClaim

A custom claim on a trusting or trusted realm.
System_CAPS_pubclass CustomClaimCollection

A collection of CustomClaim objects.
System_CAPS_pubclass CustomClaimLdapAttribute

A class that defines a method for mapping LDAP attributes to CustomClaims.
System_CAPS_pubclass CustomClaimLdapAttributeCollection

A collection of CustomClaimLdapAttribute objects.
System_CAPS_pubclass CustomClaimTransform

A transform for a custom claim.
System_CAPS_pubclass CustomClaimTransformCollection

A collection of CustomClaimTransform objects.
System_CAPS_pubclass CustomModule

Provides a reference to a user provided extensibility class. Custom modules implement interfaces defined in WebSSO.
System_CAPS_pubclass CustomTransform

The transform to use for the CustomModule. Provides a reference to a user provided extensibility class which implements the IClaimTransform interface.
System_CAPS_pubclass DebugLogSwitch

This class supports the AD FS infrastructure and is not intended to be used directly from your code. An abstract base class for debug tracing.
System_CAPS_pubclass FederationCertificates

AD FS token verification certificates in the Federation Service Certificate Store.
System_CAPS_pubclass FederationServerConfiguration

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Encapsulates the configuration parameters of the federation server from web.config.
System_CAPS_pubclass FederationServerConfigurationHandler

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Invoked by ASP.NET to load configuration changes made to the web.config.
System_CAPS_pubclass FederationServerService

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Represents a Federation Server Web service.
System_CAPS_pubclass FederationServerSoapProxy

This API supports the product infrastructure and is not intended to be used directly from your code. This class supports the AD FS infrastructure and is not meant to be used directly from your code. The AD FS Web Agent and the Federation Service Proxy use this class to communicate with the Federation Server.
System_CAPS_pubclass FsInformationData

This class supports the AD FS infrastructure and is not meant to be used directly from your code. This class encapsulates the FS trust information that is retrieved by the WS by means of the GetFsTrustInformation web method call.
System_CAPS_pubclass GroupClaim

A group claim for the trusting or trusted realm.
System_CAPS_pubclass GroupClaimCollection

A collection of GroupClaim objects.
System_CAPS_pubclass GroupClaimTransform

A transform for a GroupClaim object.
System_CAPS_pubclass GroupClaimTransformCollection

A collection of GroupClaimTransform objects.
System_CAPS_pubclass GroupLdapAttribute

Specifies how to populate a GroupClaim based on the value of an LDAP user attribute, when added to a GroupLdapAttributeCollection as part of an LdapClaimGeneration object for an AccountStore. At authentication time, the LDAP attribute specified in the GroupAttribute property will be queried, and if any of its values match the value specified in GroupAttributeValue it will cause the group claim, identified by CorporateGroupUuid, to be added to the user claims. If using an active scripting language like VBScript, the recommended method for constructing a GroupLdapAttribute object is CreateGroupLdapAttribute.
System_CAPS_pubclass GroupLdapAttributeCollection

A collection of GroupLdapAttribute objects.
System_CAPS_pubclass GroupToUpnClaimTransform

Transforms a GroupClaim to a UpnClaim.
System_CAPS_pubclass GroupToUpnClaimTransformCollection

An ordered list of GroupToUpnClaimTransform objects.
System_CAPS_pubclass KerberosSigningMethod

Defines a way for the Federation Service to digitally sign an AD FS token for an application (represented in the trust policy by a TrustingApplication object). Such tokens are signed using symmetric keys which are securely shared using the Kerberos security protocol of a Windows forest. A KerberosSigningMethod defined for a particular application overrides the global default X509SigningMethod defined in a Federation Service’s web.config file. Because the KerberosSigningMethod utilizes a cached symmetric session key, it may provide performance benefits over the default asymmetric-key-based signing method.
System_CAPS_pubclass KerberosVerificationMethod

This class supports the AD FS infrastructure and is not intended to be used directly from your code. The KerberosVerificationMethod class is used by the AD FS web agents to verify AD FS tokens with Kerberos-based digital signatures.
System_CAPS_pubclass LdapClaimGeneration

Defines a way of populating claims for an LDAP-based account store (represented by an LdapDirectoryAccountStore object in the trust policy). Attributes on user objects can be mapped into email, UPN, common name, group, or custom claims. The UPNAttribute property must be null when the LdapClaimGeneration applies to Active Directory.
System_CAPS_pubclass LdapDirectoryAccountStore

Specifies properties about connecting to, authenticating users against, and generating claims from an LDAP-based account store. As a top level member of the TrustPolicy’s TrustedAccountStores collection, it represents an ADAM account store. As a property of an ActiveDirectoryAccountStore object it specifies LDAP-related configuration for Active Directory.
System_CAPS_pubclass LogonServerConfigurationHandler

Reads configuration data for the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.
System_CAPS_pubclass LSAuthenticationModule

Implements the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.
System_CAPS_pubclass LSAuthenticationObject

Allows web forms (like clientlogon.aspx) to interact with the Federation Service or Federation Service Proxy on which they are running.
System_CAPS_pubclass LSCleanupFormContext

Provides the information necessary for a Web form to perform state cleanup.
System_CAPS_pubclass LSCredentialFormContext

Provides the information needed for a Web form to collect credentials.
System_CAPS_pubclass LSDiscoveryFormContext

Provides the information necessary for a Web form to discover the client home realm.
System_CAPS_pubclass LSFormContext

Enables the logon server to communicate to ASP.NET Web forms that it invokes. This object may be cast to a more specific context type based on the value in the CurrentAction property.
System_CAPS_pubclass LSPolicyFormContext

Provides the information needed for the PolicyEnforcement action.
System_CAPS_pubclass MetabaseHelper

This class supports the AD FS infrastructure and is not intended to be used directly from your code. The MetabaseHelper class exposes configuration functionality through COM to the AD FS Web Agent for Windows NT Token management UI.
System_CAPS_pubclass Namespaces

This class supports the AD FS infrastructure and is not intended to be used directly from your code. The Namespaces class is used to override the default WS* and claims namespaces used by AD FS when generating WS-Federation Passive Requester Interoperability Profile messages and SAML tokens.
System_CAPS_pubclass NameSuffixTransform

Configured as part of a TrustingRealmClaimTransformation object to specify how to transform email or UPN suffixes for consumption by a resource partner.
System_CAPS_pubclass NameSuffixValidationTransform

Configured as part of a TrustedRealmClaimTransformation object to indicate the e-mail or UPN namespaces for which an account partner is trusted to issue tokens. The NameSuffixValidationTransform class is part of the Federation Service’s trust policy configuration.
System_CAPS_pubclass NoAcceptableCredentialException

The exception that is thrown when no acceptable credential is provided.
System_CAPS_pubclass ProxyConfigurationInformation

Specifies the configuration information that the Federation Server and any Federation Server proxies use to write cookies. The ProxyConfigurationInformation class is part of the Federation Service’s trust policy configuration.
System_CAPS_pubclass ProxyInformation

This class supports the AD FS infrastructure and is not intended to be used directly from your code. A ProxyInformation object is retrieved by a Federation Service proxy by calling GetFsTrustInformation, and contains configuration information necessary for the proxy to function.
System_CAPS_pubclass RSTRResult

This API supports the product infrastructure and is not intended to be used directly from your code. This class supports the AD FS infrastructure and is not intended for public use. An RSTRResult object is used by the Federation Service to return the result of the LsRequestSecurityToken and LsRequestSecurityTokenWithCookie methods.
System_CAPS_pubclass SigningMethod

This class supports the AD FS infrastructure and is not intended to be used directly from your code. Its derived classes are part of the Federation Service’s trust policy configuration. However, user code should not derive from this class.
System_CAPS_pubclass SingleSignOnIdentity

Used by the ASP.Net web application to get direct claim information about the authenticated client. The web application can also control the occurrences of redirects to the logon server.
System_CAPS_pubclass SingleSignOnMembershipProvider

The SingleSignOnMembershipProvider class is intended for use by the Windows Sharepoint Services (WSS) version 3 scenario.
System_CAPS_pubclass SingleSignOnRoleProvider

The SingleSignOnRoleProvider class is intended to be used for the Windows SharePoint Services version 3 scenario.
System_CAPS_pubclass TrustConfigurationData

This API supports the product infrastructure and is not intended to be used directly from your code. The TrustConfigurationData class supports the AD FS infrastructure and is not intended to be used directly from your code.
System_CAPS_pubclass TrustedRealm

The trusted realm which represents a trusted account partner.
System_CAPS_pubclass TrustedRealmClaimTransformation

Defines the claim transformations used in the trust policy. These objects will be used for incoming corporate claim transformations from the TrustedRealm (account partner) this transformation is defined on.
System_CAPS_pubclass TrustedRealmCollection

A collection of TrustedRealm objects.
System_CAPS_pubclass TrustedWindowsDomains

Represents Windows domains that are allowed from this account partner, assuming this realm is a Windows realm. For example, this partner is in a forest which is trusted by the forest to which this Federation Server is joined.
System_CAPS_pubclass TrustingApplication

Gets or sets a TrustingRealmClaimTransformation to use for transforming claims for this trusting application.
System_CAPS_pubclass TrustingApplicationCollection

A collection of TrustingApplication objects.
System_CAPS_pubclass TrustingRealm

The trusting realm represents a trusting resource partner.
System_CAPS_pubclass TrustingRealmClaimTransformation

Defines the claim transformations used in the trust policy. The TrustingRealmClaimTransformation objects will be used for outgoing corporate claim transformations to the TrustingRealm (resource partner) that this transformation is defined on.
System_CAPS_pubclass TrustingRealmCollection

A collection of TrustingRealm objects.
System_CAPS_pubclass TrustPolicy

Administers the trust policy.
System_CAPS_pubclass TrustPolicyEntry

This class supports the AD FS infrastructure and is not meant to be used directly from your code. Represents an entry in a TrustPolicy object.
System_CAPS_pubclass TrustPolicyEntryBase

This class supports the AD FS infrastructure and is not meant to be used directly from your code. The base entry for a trust policy.
System_CAPS_pubclass TrustPolicyEntryCollection

A collection of TrustPolicyEntry objects.
System_CAPS_pubclass TrustPolicyFactory

Creates trust policies. If you are using an active scripting language like VBScript, this is the recommended class for constructing or loading a TrustPolicy object.
System_CAPS_pubclass TrustPolicyStringCollection

This class supports the AD FS infrastructure and is not meant to be used directly from your code. A collection of strings used for a trust policy.
System_CAPS_pubclass TrustRealm

The trust realm. This serves as the base class for trust entities like realms and applications in the Trust policy.
System_CAPS_pubclass UpnClaim

Represents a claim that has a user principal name (UPN) in a Kerberos format. For example, user@contoso.com.
System_CAPS_pubclass UserValidationInfo

Defines information returned by an account store after validating user credentials.
System_CAPS_pubclass VerificationMethod

Contains the certificates and SPNS used by the Federation Server to sign tokens. This class is abstract.
System_CAPS_pubclass VersionInformation

Version information for a software application. Use VersionInformation when retrieving trust information.
System_CAPS_pubclass WebSsoAuthenticationEventArgs

This class supports the AD FS infrastructure and is not intended for public use.
System_CAPS_pubclass WebSsoAuthenticationModule

Acts as the resource Web Server HttpModule. Enables ASP.NET applications to use AD FS for authentication.
System_CAPS_pubclass WebSsoConfigurationException

Thrown by AD FS for configuration errors either in the web.config or the trust policy.
System_CAPS_pubclass WebSsoConfigurationHandler

This API supports the product infrastructure and is not intended to be used directly from your code. This class supports the AD FS infrastructure and is not intended to be used directly from your code. A WebSSO configuration handler object.
System_CAPS_pubclass WebSsoTokenVerifier

This API supports the product infrastructure and is not intended to be used directly from your code. This class supports the AD FS infrastructure and is not intended to be used directly from your code. Verifies incoming tokens when called by the authentication service.
System_CAPS_pubclass WrongPrincipalException

An exception thrown if the security token, based on collected credentials, pertains to a different principal than the current accelerator token.
System_CAPS_pubclass X509SigningMethod

This API supports the product infrastructure and is not intended to be used directly from your code. This class supports the AD FS infrastructure and is not intended to be used directly from your code. The X509SigningMethod class describes a method of signing tokens using an X509 certificate and its associated private key.
System_CAPS_pubclass X509VerificationMethod

Manages the list of certificates used by the Federation Server and is used by the TrustedRealm object. The RevocationFlags enumeration passed to the TrustedRealm object is used by the X509VerificationMethod Class. This is a helper object that is used in coding modifications to trust policies.

Interfaces

Interface Description
System_CAPS_pubinterface IAccountStore

This class supports the AD FS infrastructure and is not meant to be used directly from your code.
System_CAPS_pubinterface IClaimTransform

Extends the options for how claim transformations are handled by the Federation Server. Use this interface to customize claim transformations and write code to implement those customized transformations. You must register the class that implements this interface by using the CustomTransformation property of the TrustPolicy class, or by specifying it in the Federation Server Administration snap-in.
System_CAPS_pubinterface IFederationServer

This interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IFederationServer interface provides a layer of abstraction to allow the LSAuthenticationObject to function in the same way regardless of whether the FederationServerService object is located in the same process.
System_CAPS_pubinterface IMetabaseHelper

This API supports the product infrastructure and is not intended to be used directly from your code. This interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IMetabaseHelper interface exposes configuration functionality through COM to the AD FS Web Agent for Windows NT Token management UI.
System_CAPS_pubinterface IWebSsoTokenVerifier

This interface supports the AD FS infrastructure and is not intended to be used directly from your code. The IWebSsoTokenVerifier interface exposes token verification functionality through COM to the AD FS Web Agent Authentication Service.

Delegates

Delegate Description
System_CAPS_pubdelegate WebSsoAuthenticationEventHandler

The WebSsoAuthenticationEventHandler field supports the AD FS infrastructure and is not intended to be used directly from your code.

Enumerations

Enumeration Description
System_CAPS_pubenum AccountStore.AccountStoreType

Specifies the type of account store to which the AccountStore object belongs.
System_CAPS_pubenum ClaimTransformStage

Identifies the point at which a CustomClaimTransform class is called. A CustomClaimTransform class will be called twice, once before the built-in transforms are evaluated, and once after.
System_CAPS_pubenum ClaimType

The ClaimType enumeration identifies the claim type to choose.
System_CAPS_pubenum IdentityClaimType

This enumeration supports the AD FS infrastructure and is not meant to be used directly from your code. Identifies the type of identity claim that is being used. Claim configurations are based on specified attributes, such as the common name (CN) attribute, e-mail addresses, UPNs, group SIDs or custom attributes, such as titles.
System_CAPS_pubenum LSFormAction

Indicates the requested operation to an AD FS Web form.
System_CAPS_pubenum RevocationFlags

Indicates what revocation checking activities should be performed by AD FS, when configured on an X509VerificationMethod object. These flags will eventually be passed to the cryptography CertGetCertificateChain function. The RevocationFlags enumeration is part of the Federation Service’s trust policy configuration.
System_CAPS_pubenum RSTRStatus

This enumeration supports the AD FS infrastructure and is not intended for public use. An RSTRStatus enumeration is set on an RSTRResult object to indicate the result of the LsRequestSecurityToken and LsRequestSecurityTokenWithCookie methods.
System_CAPS_pubenum ShadowAccountExistance

Indicates whether shadow accounts are known to exist for users from a particular account partner. The ShadowAccountExistance enumeration is part of the Federation Service’s trust policy configuration.
System_CAPS_pubenum SingleSignOnEventLogLevel

Define the types of event logs and audit events written by AD FS components. The SingleSignOnEventLogLevel enumeration is part of the Federation Service’s trust policy configuration. It is also used in the configuration of the Federation Service proxy and claims-based web agent.
System_CAPS_pubenum TrustTypes

This enumeration supports the AD FS infrastructure and is not intended for public use.
System_CAPS_pubenum WebSsoClaimType

Identifies the type of WebSSO claim being used.

Return to top