[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]
This class implements a SecurityTokenHandler for a SAML 1.1 token. It contains functionality for creating, serializing, and validating a SAML 1.1 token.
The following tables list the members exposed by the Saml11SecurityTokenHandler type.
Public Constructors
Name | Description |
---|---|
Saml11SecurityTokenHandler | Overloaded. |
Public Fields
Name | Description |
---|---|
Assertion | |
BearerConfirmationMethod | |
Namespace | |
UnspecifiedAuthenticationMethod | |
Public Properties
Name | Description |
---|---|
CanValidateToken | Overridden. Returns a value that indicates whether this handler can validate tokens of type SamlSecurityToken. |
CanWriteToken | Overridden. Gets a Boolean indicating whether the SecurityTokenHandler can serialize tokens. Returns true by default. |
CertificateValidator | Gets or sets the X509CertificateValidator that is used by the current instance. |
Configuration | Gets or sets the SecurityTokenHandlerConfiguration. (Inherited from SecurityTokenHandler) |
ContainingCollection | Gets or sets the SecurityTokenHandlerCollection that this SecurityTokenHandler is part of. This property should never be set directly. When the SecurityTokenHandler is added to a collection, this property is set automatically. (Inherited from SecurityTokenHandler) |
KeyInfoSerializer | Gets or sets a SecurityTokenSerializer that will be used to serialize and deserialize a SecurityKeyIdentifier. For example, a SamlSubject SecurityKeyIdentifier or a Signature SecurityKeyIdentifier. |
SamlSecurityTokenRequirement | Gets or sets the SamlSecurityTokenRequirement. |
TokenType | Overridden. Gets the System.Type of the SecurityToken that is supported by this handler. |
Public Methods
(see also Protected Methods)
Name | Description |
---|---|
CanReadKeyIdentifierClause | Indicates if the current XML element is pointing to a KeyIdentifierClause that can be serialized by this instance. (Inherited from SecurityTokenHandler) |
CanReadToken | Overridden. Indicates whether the current XML element can be read as a token of the type handled by this instance. |
CanWriteKeyIdentifierClause | Indicates if the given SecurityKeyIdentifierClause can be serialized by this instance. (Inherited from SecurityTokenHandler) |
CreateSecurityTokenReference | Overridden. Creates the security token reference when the token is not attached to the message. |
CreateToken | Overridden. Creates the security token based on the tokenDescriptor passed in. |
Equals | (Inherited from Object) |
GetHashCode | (Inherited from Object) |
GetTokenTypeIdentifiers | Overridden. Returns the SAML token's token type that is supported by this handler. |
GetType | (Inherited from Object) |
ReadKeyIdentifierClause | Deserializes the XML to a KeyIdentifierClause that references a token handled by this instance. (Inherited from SecurityTokenHandler) |
ReadToken | Overridden. Deserializes from XML a token of the type handled by this instance. |
ReadToken | Overloaded. (Inherited from SecurityTokenHandler) |
ToString | (Inherited from Object) |
ValidateToken | Overridden. Validates a given token and returns a SubjectCollection. |
WriteKeyIdentifierClause | Serializes to XML a SecurityKeyIdentifierClause that this instance supports. (Inherited from SecurityTokenHandler) |
WriteToken | Overridden. Serializes the given SecurityToken to the XmlWriter. |
Protected Methods
Name | Description |
---|---|
AddDelegateToAttributes | Adds all the delegates associated with the ActAs subject into the attribute collection. |
CollectAttributeValues | Collects attributes with a common claim type, claim value type, and original issuer into a single attribute with multiple values. |
CreateAdvice | Override this method to provide a SamlAdvice to place in the SAML token. |
CreateAssertion | Override this method to customize the parameters to create a SamlAssertion. |
CreateAttribute | Generates a SamlAttribute from a claim. |
CreateAttributeStatement | Creates SamlAttributeStatements and adds them to a collection. Override this method to provide a custom implementation. Default behavior is to create a new SamlAttributeStatement for each Subject in the tokenDescriptor.Subjects collection. |
CreateAuthenticationStatement | Creates a SamlAuthenticationStatement for each AuthenticationInformation found in AuthenticationInformation. Override this method to provide a custom implementation. |
CreateClaims | Generates a SubjectCollection that represents a SamlToken. Only SamlAttributeStatements are processed. Override this method to customize the creation of statements. Calls: 1. ProcessAttributeStatement for SamlAttributeStatements. 2. ProcessAuthenticationStatement for SamlAuthenticationStatements. 3. ProcessAuthorizationDecisionStatement for SamlAuthorizationDecisionStatements. 4. ProcessCustomStatement for other SamlStatements. |
CreateConditions | Generates all the conditions for SAML: 1. Lifetime condition 2. AudienceRestriction condition |
CreateSamlSubject | Returns the SamlSubject to use for all the statements that will be created. Override this method to customize the creation of the SamlSubject. |
CreateStatements | Generates an enumeration of SamlStatements from a SecurityTokenDescriptor. Only SamlAttributeStatements and SamlAuthenticationStatements are generated. Override this method to customize the creation of statements. Calls in order (all are virtual): 1. CreateSamlSubject 2. CreateAttributeStatements 3. CreateAuthenticationStatements |
CreateXmlStringFromAttributes | Builds an XML-formatted string from a collection of SAML attributes that represent the Actor. |
DenormalizeAuthenticationType | Returns the Saml11 AuthenticationMethod matching a normalized value. |
DetectReplayedTokens | Overridden. Throws if a token is detected as being replayed. If the token is not found it is added to the TokenReplayCache. |
Finalize | (Inherited from Object) |
FindUpn | Finds the UPN claim value in the provided IClaimsIdentity object for the purpose of mapping the identity to a WindowsClaimsIdentity object. |
GetCacheExpirationTime | Returns the time until which the token should be held in the token replay cache. |
GetEncryptingCredentials | Gets the credentials for encrypting the token. Override this method to provide custom encrypting credentials. |
GetSigningCredentials | Gets the credentials for signing the assertion. Override this method to provide custom signing credentials. |
MemberwiseClone | (Inherited from Object) |
NormalizeAuthenticationType | Returns the normalized value matching a Saml11 AuthenticationMethod. |
ProcessAttributeStatement | Override this virtual to provide custom processing of SamlAttributeStatements. |
ProcessAuthenticationStatement | Override this virtual to provide custom processing of the SamlAuthenticationStatement. By default it adds authentication type and instant to each claim. |
ProcessAuthorizationDecisionStatement | Override this virtual to provide custom processing of SamlAuthorizationDecisionStatement. By default no processing is performed; you will need to access the token for SamlAuthorizationDecisionStatement information. |
ProcessSamlSubject | For each SAML statement (attribute/authentication/authz/custom), checks whether a nameid claim or a key identifier claim needs to be created out of its SamlSubject. |
ProcessStatement | Processes all statements to generate claims. |
ReadAction | Read saml:Action element. |
ReadAdvice | Read saml:Advice element from the given XmlReader. |
ReadAssertion | Read saml:Assertion element from the given reader. |
ReadAttribute | Read a saml:Attribute element. |
ReadAttributeStatement | Read saml:AttributeStatement from the given XmlReader. |
ReadAttributeValue | Reads an attribute value. |
ReadAudienceRestrictionCondition | Read saml:AudienceRestrictionCondition from the given XmlReader. |
ReadAuthenticationStatement | Read the saml:AuthenticationStatement. |
ReadAuthorityBinding | Read the saml:AuthorityBinding element. |
ReadAuthorizationDecisionStatement | Read the saml:AuthorizationDecisionStatement element. |
ReadCondition | Read saml:AudienceRestrictionCondition or saml:DoNotCacheCondition from the given reader. |
ReadConditions | Read saml:Conditions from the given XmlReader. |
ReadDoNotCacheCondition | Read saml:DoNotCacheCondition from the given XmlReader. |
ReadEvidence | Read the saml:Evidence element. |
ReadSigningKeyInfo | Reads the ds:KeyInfo element inside the SAML Signature. |
ReadStatement | Read a SamlStatement from the given XmlReader. |
ReadSubject | Read the SamlSubject from the XmlReader. |
ReadSubjectKeyInfo | Read the SamlSubject KeyIdentifier from an XmlReader. |
ResolveIssuerToken | Resolves the Signing Key Identifier to a SecurityToken. |
ResolveSubjectKeyIdentifier | Resolves the SecurityKeyIdentifier specified in a saml:Subject element. |
SetDelegateFromAttribute | This method gets called when a special type of SamlAttribute is detected. The SamlAttribute passed in wraps a SamlAttribute that contains a collection of AttributeValues, each of which is mapped to a claim. All of the claims will be returned in an IClaimsIdentity with the specified issuer. |
TryResolveIssuerToken | Resolves the Signing Key Identifier to a SecurityToken. |
ValidateConditions | Rejects tokens that are not valid. |
WriteAction | Writes the given SamlAction to the XmlWriter. |
WriteAdvice | Serialize the given SamlAdvice to the given XmlWriter. |
WriteAssertion | Serializes a given SamlAssertion to the XmlWriter. |
WriteAttribute | Serializes a given SamlAttribute. |
WriteAttributeStatement | Serialize a SamlAttributeStatement. |
WriteAttributeValue | Writes the saml:Attribute value. |
WriteAudienceRestrictionCondition | Serialize SamlAudienceRestrictionCondition to an XmlWriter. |
WriteAuthenticationStatement | Serializes a given SamlAuthenticationStatement. |
WriteAuthorityBinding | Serialize a SamlAuthorityBinding. |
WriteAuthorizationDecisionStatement | Serialize a SamlAuthorizationDecisionStatement. |
WriteCondition | Serializes the given SamlCondition to the given XmlWriter. |
WriteConditions | Serialize SamlConditions to the given XmlWriter. |
WriteDoNotCacheCondition | Serialize SamlDoNotCacheCondition to an XmlWriter. |
WriteEvidence | Serializes a given SamlEvidence. |
WriteSigningKeyInfo | Serializes the Signing SecurityKeyIdentifier. |
WriteStatement | Serialize the SamlStatement to the XmlWriter. |
WriteSubject | Serialize the given SamlSubject into an XmlWriter. |
WriteSubjectKeyInfo | Write the SamlSubject SecurityKeyIdentifier to the XmlWriter. |
See Also
Reference
Saml11SecurityTokenHandler Class
Microsoft.IdentityModel.Tokens.Saml11 Namespace
Copyright © 2008 by Microsoft Corporation. All rights reserved.