CustomTransform Class
The transform to use for the CustomModule. Provides a reference to a user provided extensibility class which implements the IClaimTransform interface.
Namespace: System.Web.Security.SingleSignOn
Assembly: System.Web.Security.SingleSignOn (in System.Web.Security.SingleSignOn.dll)
Inheritance Hierarchy
System.Object
System.Web.Security.SingleSignOn.TrustPolicyEntryBase
System.Web.Security.SingleSignOn.CustomModule
System.Web.Security.SingleSignOn.CustomTransform
Syntax
[ComVisibleAttribute(true)]
public class CustomTransform : CustomModule
[ComVisibleAttribute(true)]
public ref class CustomTransform : CustomModule
[<ComVisibleAttribute(true)>]
type CustomTransform =
class
inherit CustomModule
end
<ComVisibleAttribute(True)>
Public Class CustomTransform
Inherits CustomModule
Constructors
| Name | Description | |
|---|---|---|
.jpeg "System_CAPS_pubmethod") |
CustomTransform() | Initializes a new instance of the CustomTransform class. |
Properties
| Name | Description | |
|---|---|---|
.jpeg "System_CAPS_pubproperty") |
AssemblyPath | Gets and sets the path to the assembly for this module.(Inherited from CustomModule.) |
|
ClassType | Gets and sets the name of the class which contains the extensibility code.(Inherited from CustomModule.) |
|
Disabled | Gets or sets whether the trust with this realm is currently active. If this is set, no tokens will be accepted from this partner.(Inherited from TrustPolicyEntryBase.) |
|
uuid | Gets or sets the universal unique identifier (UUID) for this TrustPolicyEntryBase object.(Inherited from TrustPolicyEntryBase.) |
Methods
| Name | Description | |
|---|---|---|
|
Equals(Object) | (Inherited from Object.) |
.jpeg "System_CAPS_protmethod") |
Finalize() | (Inherited from Object.) |
|
GetHashCode() | (Inherited from Object.) |
|
GetType() | (Inherited from Object.) |
|
MemberwiseClone() | (Inherited from Object.) |
|
ToString() | (Inherited from Object.) |
Remarks
The WebSSO Pluggable Claim Transform Module extends how claim transformations are handled by the Federation Server. It allows you to extend claim transformations and write code to implement your own transformations. The Federation Server administration snap-in will support adding to and deleting from the claim transformation module into the Federation Server trust policy. There is one custom claim transformation module registered per Federation Server.
The following tables indicate when in the claim transformation process the pluggable claim transformation module will be called in relation to the built-in claim transformations. The built-in claim transformation refers to the claim transformations defined in the trust policy. The top row of each table is the first transformation step and the bottom row of the table is the final transformation step. Note that at the final transformation step the outgoing claims are what will be sent in the token returned to the client. In each step some but not all of the claim collections may change. Change is indicated in the table by the version number of the claims in each step. The claims are not shown in the row when they will have no affect on further transformation steps. The claim transformation module is called twice for each scenario allowing a pre-processing stage and a post-processing stage.
The table below describes the order of the claim transformation steps when a token is being requested from the FS-A and getting a token for a FS –R, the resource side of a federation. This same table applies when credentials are either authenticated by an account store or when a cookie is used to authenticate.
Claim Transformation Step |
Incoming claims |
Corporate claims |
Outgoing claims |
|---|---|---|---|
Account Store |
- |
1 |
- |
Custom Claim Transformation Module |
- |
2 |
1 |
Built-in claim transformations |
- |
2 |
2 |
Custom Claim Transformation Module |
- |
- |
3 |
The table below describes the order of the claim transformation steps when a token is being requested from the FS-R and getting a token for a resource Web Server, the account side of a federation.
Claim Transformation Step |
Incoming claims |
Corporate claims |
Outgoing claims |
|---|---|---|---|
Incoming from FS-A |
1 |
- |
- |
Custom Claim Transformation Module |
2 |
1 |
1 |
Built-in claim transformations to corporate claims |
2 |
2 |
1 |
Built in claim filtering for the application |
- |
2 |
2 |
Custom Claim Transformation Module |
- |
- |
3 |
The table below describes the order of the claim transformation steps when a token is being requested from the FS-R with a cookie and getting a token for a resource Web Server, the account side of a federation. The difference between this table and the previous is that in this table there are no initial incoming claims and only the built in transform from corporate to outgoing application claims.
Claim Transformation Step |
Incoming claims |
Corporate claims |
Outgoing claims |
|---|---|---|---|
Incoming from cookie |
- |
1 |
- |
Custom Claim Transformation Module |
- |
2 |
1 |
Built-in claim filtering for the application |
- |
2 |
2 |
Custom Claim Transformation Module |
- |
- |
3 |
The table below describes the order of the claim transformation steps when a token is being requested from the Federation Server when it is acting as both the FS-A and the FS–R, in other words the client's Federation Server when the resource application directly trusts the Federating Service. This same table applies when either credentials are authenticated by an account store or when a cookie is used to authenticate.
Claim Transformation Step |
Incoming claims |
Corporate claims |
Outgoing claims |
|---|---|---|---|
Account Store |
- |
1 |
- |
Custom Claim Transformation Module |
- |
2 |
1 |
Built-in claim filtering for the application |
- |
2 |
2 |
Custom Claim Transformation Module |
- |
- |
3 |
Thread Safety
Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
See Also
System.Web.Security.SingleSignOn Namespace
Return to top