WSFederationAuthenticationModule Members

[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

The WSFederationAuthenticationModule is an HTTP module that lets ASP.NET developers build claims aware applications. The WSFederationAuthenticationModule raises several events, which allows ASP.NET developers to customize its functionality in their applications. The WSFederationAuthenticationModule functionality is divided into task-specific methods to make it easier for ASP.NET developers to reuse and extend its functionality in their applications.

The following tables list the members exposed by the WSFederationAuthenticationModule type.

Public Constructors

	Name	Description
	WSFederationAuthenticationModule	Initializes a new instance of the WSFederationAuthenticationModule class.

Top

Public Properties

	Name	Description
	AuthenticationType	Federation passive "wauth" property.
	Freshness	This is an optional property applicable when FederationAuthenticationModule. PassiveRedirectEnabled is set to true. Use this property to get or set and optional parameter that identifies the desired maximum age of authentication specified in minutes.
	HomeRealm	Identity provider address.
	Issuer	This is a required property if PassiveRedirectEnabled is set to true. It specifies the URL of the STS where the caller is redirected to for authentication.
	PassiveRedirectEnabled	Specifies whether the module is enabled to initiate WS-Federation passive protocol redirects. This mode of operation of the module enables its use in scenarios that do not employ the Federated Passive SignIn ASP.NET control.
	PersistentCookiesOnPassiveRedirects	Specifies whether persistent cookies are issued when the module is enabled to initiate WS-Federation passive protocol redirects.
	Policy	Federation passive "wp" property.
	Realm	This is a required property if PassiveRedirectEnabled is set to true. Get or set a required property that is a URI identifying the relying party to the STS. (For identifying the STS to the RP, see Issuer).
	Reply	This is an optional property if PassiveRedirectEnabled is set to true. Get or set this optional parameter to a URL identifying the relying party to the STS.
	Request	This is an optional property applicable when PassiveRedirectEnabled is set to true. Get or set this optional parameter to send the request as a WS-Trust Request Security Token <RST> element.
	RequestPtr	This is an optional property applicable when PassiveRedirectEnabled is set to true. Get or set an optional parameter that contains a pointer to the request as a Request Security Token <RST> element.
	RequireHttps	If true, the communication with the passive STS must take place over an https: protocol.
	Resource	This is an optional property applicable when PassiveRedirectEnabled is set to true. Get or set this optional parameter to a URI that identifies the resource being accessed (relying party) to the STS.
	ServiceConfiguration	Gets or sets the ServiceConfiguration in effect for this module. (Inherited from HttpModuleBase)
	SignInContext	RP or STS defined context parameter.
	SignInQueryString	Query string of request, which may contain other message parameters.
	SignOutQueryString	Additional signout query strings.
	SignOutReply	Url to return to after signout.
	XmlDictionaryReaderQuotas	Gets/Sets the XmlDictionaryReaderQuotas.

Top

Public Methods

(see also Protected Methods)

	Name	Description
	CanReadSignInResponse	Overloaded. Determines if request is a WS-Federation Passive Protocol SignIn Response message from the STS.
	CreateSignInRequest	Creates a WS-Federation Passive Protocol SignIn Request, using the WS-Federation parameters configured on the module.
	Dispose	Disposes of the resources used by the module. (Inherited from HttpModuleBase)
	Equals	(Inherited from Object)
	FederatedSignOut	Sign out according to the WS-Federation protocol.
	GetFederationPassiveSignOutUrl	Gets the complete WS-Federation Passive signout url.
	GetHashCode	(Inherited from Object)
	GetSecurityToken	Overloaded. Reads a SecurityToken.
	GetSignInResponseMessage	Reads a SignInResponseMessage from the given HttpRequest.
	GetType	(Inherited from Object)
	GetXmlTokenFromMessage	Overloaded.
	Init	Initializes the module. (Inherited from HttpModuleBase)
	IsSignInResponse	Returns true if request is recognized as a SignIn response.
	RedirectToIdentityProvider	Redirect user to identity provider STS for obtaining a token using WS-Federation Passive Protocol.
	SetPrincipalAndWriteSessionToken	Set the thread principal and write the cookie.
	SignOut	Sign out and raise appropriate events.
	ToString	(Inherited from Object)
	VerifyProperties	Verifies that the Issuer and realm are non-empty and that, if HTTPS is required, the issuer and reply are HTTPS.

Top

Protected Methods

	Name	Description
	Finalize	(Inherited from Object)
	GetReferencedResult	Get the wresult string from a referenced URL.
	GetReturnUrlFromResponse	Extract the originally requested page (ReturnUrl) from the response.
	GetSessionTokenContext	Context to be persisted with the cookie. When using WS-Federation Passive protocol, we concatenate a type name to the signout url so we can initiate the signout protocol.
	GetSignOutRedirectUrl	Determines the url to redirect to when processing a federated sign-out request containing a wreply parameter.
	InitializeModule	Overridden. Initializes a module and prepares it to handle requests.
	InitializePropertiesFromConfiguration	Initialize module properties based on definitions in the configuration file.
	MemberwiseClone	(Inherited from Object)
	OnAuthenticateRequest	Handle the HTTP pipeline AuthenticateRequest event, after ensuring that the module has been initialized.
	OnAuthorizationFailed	Raise the AuthorizationFailed event.
	OnEndRequest	Handle the HTTP pipeline EndRequest event.
	OnPostAuthenticateRequest	Event handler for Application.PostAuthenticateRequest
	OnRedirectingToIdentityProvider	Raise the RedirectingToIdentityProvider event.
	OnSessionSecurityTokenCreated	Raise the SessionSecurityTokenCreated event.
	OnSignedIn	Raise the SignedIn event.
	OnSignedOut	Raise the SignedOut event.
	OnSignInError	Raise the SignInError event.
	OnSigningOut	Raise the SigningOut event.
	OnSignOutError	Raise the SignOutError event.

Top

Public Events

	Name	Description
	AuthorizationFailed	Occurs when the WSFederationAuthenticationModule is determining if it should redirect the user to the Identity summary. This event fires when authorization has failed for a HTTP request. Redirecting to IdentityProvider is controlled by setting the RedirectToIdentityProvider property on the AuthorizationFailedEventArgs. The RedirectingToIdentityProvider event can be used to modify the URL or cancel the redirect.To handle this event in an ASP.NET application, create a method called WSFederationAuthentication_AuthorizationFailed in the global.asax file.
	RedirectingToIdentityProvider	Occurs when the WSFederationAuthenticationModule is going to redirect the user to the Identity Provider. This event handler can be used to change the SignInRequestMessage.
	SecurityTokenReceived	Occurs when a security token has been received for processing.
	SecurityTokenValidated	Occurs when a security token has been received for processing.
	SessionSecurityTokenCreated	Occurs when a session security token has been created.
	SignedIn	Event raised after the user is signed in.
	SignedOut	Event raised after the user is signed out.
	SignInError	Event raised when a signin error occurs.
	SigningOut	Occurs before deleting the sign-in session.
	SignOutError	Event raised when signout error occurs.

Top

See Also

Reference

WSFederationAuthenticationModule Class
Microsoft.IdentityModel.Web Namespace

Copyright © 2008 by Microsoft Corporation. All rights reserved.