LogonServerConfigurationHandler Class

 

Reads configuration data for the Logon Server component of AD FS, which runs on the Federation Service and Federation Service Proxy and is responsible for handling protocol requests to the endpoint URL.

Namespace:   System.Web.Security.SingleSignOn
Assembly:  System.Web.Security.SingleSignOn (in System.Web.Security.SingleSignOn.dll)

Inheritance Hierarchy

System.Object
  System.Web.Security.SingleSignOn.LogonServerConfigurationHandler

Syntax

C#
public class LogonServerConfigurationHandler : IConfigurationSectionHandler

C++
public ref class LogonServerConfigurationHandler : IConfigurationSectionHandler

F#
type LogonServerConfigurationHandler = 
    class
        interface IConfigurationSectionHandler
    end

VB
Public Class LogonServerConfigurationHandler
    Implements IConfigurationSectionHandler

Constructors

Name Description

public LogonServerConfigurationHandler()

Initializes a new instance of the LogonServerConfigurationHandler class.

Methods

Name Description

public Create(Object, Object, XmlNode)

This method supports the AD FS infrastructure and is not intended for public use.

public Equals(Object)

(Inherited from Object.)

protected Finalize()

(Inherited from Object.)

public GetHashCode()

(Inherited from Object.)

public GetType()

(Inherited from Object.)

protected MemberwiseClone()

(Inherited from Object.)

public ToString()

(Inherited from Object.)

Remarks

The web.config in the application root of Federation Service or Federation Service Proxy should register a system.web section called “logonserver” to be handled by this class. Such a registration looks like this:

<configuration>
    <configSections>
        <sectionGroup name="system.web">
            <section name="logonserver" type="System.Web.Security.SingleSignOn.LogonServerConfigurationHandler, System.Web.Security.SingleSignOn, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35, Custom=null" />
        </sectionGroup>
    </configSections>
</configuration>

XPath

Element value description

logonserver/forms/discovery

The name of the aspx form which should be invoked for the DiscoverClientRealm action. The default is “discoverclientrealm.aspx”.

logonserver/forms/logon

The name of the aspx form which should be invoked for the CollectionInitialCredentials and CollectAdditionalCredentials actions. The default is “clientlogon.aspx”.

logonserver/forms/signout

The name of the aspx form which should be invoked for the CleanupTopLevel and CleanupNested actions. The default is “signout.aspx”.

logonserver/forms/policy

The name of the aspx form which should be invoked for the PolicyEnforcement action. The default is null, which avoids the PolicyEnforcement action.

logonserver/posttimeout

The number of seconds to pause before posting a token to a resource partner or application. The default is 0.

logonserver/policyinterval

On the Federation Service Proxy, this indicates the frequency with which an otherwise idle proxy will consider calling GetProxyTrustInformation to refresh trust policy information from the Federation Service. The default is 30 minutes.

logonserver/policythreshhold

On the Federation Service Proxy, this indicates how old the trust policy information must be to warrant a call to GetProxyTrustInformation. Every policyinterval minutes, if the proxy has not made any call to the Federation Server in policythreshhold minutes or more, it forces a call to GetProxyTrustInformation to update the policy.

logonserver/soap/fsuri

On the Federation Service Proxy, this specifies the URL of the Federation Service. Generally, this is of the form “https://fs.example.com/adfs/fs/federationserverservice.asmx”.

logonserver/soap/certhash

On the Federation Service Proxy, this specifies the thumbprint of the certificate from the Local Machine “My” store which should be used to perform client authentication to the Federation Service. This certificate hash must also be configured on the Federation Service in the TrustPolicy.LSClientCertificates collection.

logonserver/auditlevel

On the Federation Service Proxy, this specifies the value of SingleSignOnEventLogLevel to be used for event logging and auditing. The default is SingleSignOnEventLogLevel.Everything.

Examples

<system.web>
  <logonserver>
    <forms>
      <discovery>discoverclientrealm.aspx</discovery>
      <logon>clientlogon.aspx</logon>
      <signout>signout.aspx</signout>
    </forms>
  </logonserver>
</system.web>
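
An added example, not part of the original documentation or of AD FS: a Python check of the Federation Service Proxy settings described in the XPath table. It assumes certhash is a SHA-1 thumbprint written as 40 hex digits and that policyinterval and policythreshhold are whole minutes; audit_logonserver, worst_case_policy_age, the finding codes and the sample configuration are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample (not from a real deployment): an http fsuri, a thumbprint
# pasted with spaces and an invisible U+200E mark, and the threshold element
# spelled "policythreshold" instead of the documented "policythreshhold".
SAMPLE = """<configuration><system.web><logonserver>
  <policyinterval>30</policyinterval>
  <policythreshold>10</policythreshold>
  <soap>
    <fsuri>http://fs.example.com/adfs/fs/federationserverservice.asmx</fsuri>
    <certhash>\u200e00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33</certhash>
  </soap>
</logonserver></system.web></configuration>"""

def text_at(section, path):
    node = section.find(path)
    return node.text.strip() if node is not None and node.text else None

def audit_logonserver(config_xml):
    """Return sorted finding codes for the system.web/logonserver section."""
    section = ET.fromstring(config_xml).find("system.web/logonserver")
    if section is None:
        return ["no-logonserver-section"]
    findings = []
    fsuri = text_at(section, "soap/fsuri")
    if fsuri is not None and urlparse(fsuri).scheme.lower() != "https":
        findings.append("fsuri-not-https")
    certhash = text_at(section, "soap/certhash")
    # Assumption: certhash is a SHA-1 thumbprint written as 40 hex digits.
    if certhash is not None and not re.fullmatch(r"[0-9A-Fa-f]{40}", certhash):
        hex_only = re.sub(r"[^0-9A-Fa-f]", "", certhash)
        findings.append("certhash-has-stray-characters" if len(hex_only) == 40
                        else "certhash-wrong-length")
    if section.find("policythreshold") is not None:
        findings.append("policythreshhold-misspelled")  # documented name has "hh"
    return sorted(findings)

def worst_case_policy_age(config_xml):
    """Upper bound in minutes on trust-policy age at an idle proxy, or None."""
    section = ET.fromstring(config_xml).find("system.web/logonserver")
    if section is None or text_at(section, "policythreshhold") is None:
        return None  # no section, or no threshold (the page gives no default)
    interval = int(text_at(section, "policyinterval") or 30)  # documented default
    # A check that falls just short of the threshold defers the refresh by one interval.
    return int(text_at(section, "policythreshhold")) + interval
```

On the sample, audit_logonserver reports all three problems, and worst_case_policy_age returns None because the threshold element is not under its documented name.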

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

See Also

LSAuthenticationModule
System.Web.Security.SingleSignOn Namespace
