Saml2SecurityTokenHandler Members
[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]
Represents a security token handler that creates security tokens from SAML 2.0 Assertions.
The following tables list the members exposed by the Saml2SecurityTokenHandler type.
Public Constructors
Name | Description | |
---|---|---|
Saml2SecurityTokenHandler | Overloaded. Initializes a new instance of the Saml2SecurityTokenHandler class. |
Public Fields
Name | Description | |
---|---|---|
TokenProfile11ValueType | The key identifier value type for SAML 2.0 assertion IDs, as defined by the OASIS Web Services Security SAML Token Profile 1.1. This is a URI. |
Public Properties
Name | Description | |
---|---|---|
CanValidateToken | Overridden. Gets a value that indicates if this handler can validate tokens of type Saml2SecurityToken. | |
CanWriteToken | Overridden. Gets a value that indicates whether this handler can deserialize tokens of type Saml2SecurityToken. | |
CertificateValidator | Gets or sets the validator that is used by the current instance to validate X.509 certificates. | |
Configuration | Gets or sets the SecurityTokenHandlerConfiguration. (Inherited from SecurityTokenHandler) | |
ContainingCollection | Gets or sets the SecurityTokenHandlerCollection that this SecurityTokenHandler is part of. This property should never be set directly. When the SecurityTokenHandler is added to a collection this property is automatically set. (Inherited from SecurityTokenHandler) | |
KeyInfoSerializer | Gets or sets the security token serializer that is used to serialize and deserialize key identifiers. | |
SamlSecurityTokenRequirement | Gets or sets the security token requirements for this instance. | |
TokenType | Overridden. Gets the token type supported by this handler. |
Public Methods
(see also Protected Methods)
Name | Description | |
---|---|---|
CanReadKeyIdentifierClause | Overridden. Indicates if the current XML element is pointing to a KeyIdentifierClause that can be serialized by this instance. | |
CanReadToken | Overridden. Indicates whether the current XML element can be read as a token of the type handled by this instance. | |
CanWriteKeyIdentifierClause | Overridden. Indicates if the specified key identifier clause can be serialized by this instance. | |
CreateSecurityTokenReference | Overridden. Creates the security token reference when the token is not attached to the message. | |
CreateToken | Overridden. Creates a security token based on a token descriptor. | |
Equals | (Inherited from Object) | |
GetHashCode | (Inherited from Object) | |
GetTokenTypeIdentifiers | Overridden. Gets the token type identifier(s) supported by this handler. | |
GetType | (Inherited from Object) | |
ReadKeyIdentifierClause | Overridden. Reads a SecurityKeyIdentifierClause. | |
ReadToken | Overridden. Reads a SAML 2.0 token from the specified stream. | |
ReadToken | Overloaded. (Inherited from SecurityTokenHandler) | |
ToString | (Inherited from Object) | |
ValidateToken | Overridden. Validates the token data and creates a ClaimsIdentityCollection. | |
WriteKeyIdentifierClause | Overridden. Serializes a Saml2AssertionKeyIdentifierClause to the specified XML writer. | |
WriteToken | Overridden. Writes a SAML 2.0 token to the specified XML writer. |
Protected Methods
Name | Description | |
---|---|---|
AddDelegateToAttributes | Adds all of the delegates associated with the subject into the attribute collection. | |
CollectAttributeValues | Collects attributes with a common claim type, claim value type, and original issuer into a single attribute with multiple values. | |
CreateAdvice | Creates a Saml2Advice object for the assertion. | |
CreateAttribute | Creates a Saml2Attribute object from a claim. | |
CreateAttributeStatement | Creates a Saml2AttributeStatement object from a token descriptor. | |
CreateAuthenticationStatement | Creates a SAML 2.0 authentication statement from the specified authentication information. | |
CreateClaims | Creates claims from a SAML 2.0 token. | |
CreateConditions | Creates the conditions for the assertion. | |
CreateIssuerNameIdentifier | Creates a name identifier that identifies the assertion issuer. | |
CreateSamlSubject | Creates a SAML 2.0 subject for the assertion. | |
CreateStatements | Creates SAML 2.0 statements to be included in the assertion. | |
CreateXmlStringFromAttributes | Builds an XML formatted string from a collection of SAML 2.0 attributes that represent the Actor. | |
DenormalizeAuthenticationType | Returns the AuthenticationContextClasses value matching a normalized value for a SAML authentication context class reference. | |
DetectReplayedTokens | Overridden. Throws an exception if the specified token already exists in the token replay cache; otherwise the token is added to the cache. | |
Finalize | (Inherited from Object) | |
FindUpn | Finds the UPN claim value in the specified IClaimsIdentity object for the purpose of mapping the identity to a WindowsClaimsIdentity object. | |
GetCacheExpirationTime | Returns the time until which the token should be held in the token replay cache. | |
GetEncryptingCredentials | Gets the token encrypting credentials. Override this method to change the token encrypting credentials. | |
GetSigningCredentials | Gets the credentials for signing the assertion. | |
MemberwiseClone | (Inherited from Object) | |
NormalizeAuthenticationContextClassReference | Returns the normalized value matching a SAML authentication context class reference. | |
ProcessAttributeStatement | Creates claims from a SAML 2.0 attribute statement and adds them to the specified subject. | |
ProcessAuthenticationStatement | Creates claims from a SAML 2.0 authentication statement and adds them to the specified subject. | |
ProcessAuthorizationDecisionStatement | Creates claims from a SAML 2.0 authorization decision statement and adds them to the specified subject. | |
ProcessSamlSubject | Creates claims from the SAML 2.0 subject and adds them to the specified subject. | |
ProcessStatement | Creates claims from a collection of SAML 2.0 statements and adds them to the specified subject. | |
ReadAction | Reads the <saml:Action> element. | |
ReadAdvice | Reads the <saml:Advice> element. | |
ReadAssertion | Reads the <saml:Assertion> element. | |
ReadAttribute | Reads the <saml:Attribute> element. | |
ReadAttributeStatement | Reads the <saml:AttributeStatement> element, or a <saml:Statement> element that specifies an xsi:type of saml:AttributeStatementType. | |
ReadAttributeValue | Reads an attribute value. | |
ReadAudienceRestriction | Reads the <saml:AudienceRestriction> element or a <saml:Condition> element that specifies an xsi:type of saml:AudienceRestrictionType. | |
ReadAuthenticationContext | Reads the <saml:AuthnContext> element. | |
ReadAuthenticationStatement | Reads the <saml:AuthnStatement> element or a <saml:Statement> element that specifies an xsi:type of saml:AuthnStatementType. | |
ReadAuthorizationDecisionStatement | Reads the <saml:AuthzDecisionStatement> element or a <saml:Statement> element that specifies an xsi:type of saml:AuthzDecisionStatementType. | |
ReadConditions | Reads the <saml:Conditions> element. | |
ReadEncryptedId | Reads the <saml:EncryptedId> element. | |
ReadEvidence | Reads the <saml:Evidence> element. | |
ReadIssuer | Reads the <saml:Issuer> element. | |
ReadNameID | Reads the <saml:NameID> element. | |
ReadNameIDType | Both <Issuer> and <NameID> are of NameIDType. This method reads the content of either one of those elements. | |
ReadProxyRestriction | Reads the <saml:ProxyRestriction> element, or a <saml:Condition> element that specifies an xsi:type of saml:ProxyRestrictionType. | |
ReadSigningKeyInfo | Deserializes the SAML Signing KeyInfo. | |
ReadStatement | Reads the <saml:Statement> element. | |
ReadSubject | Reads the <saml:Subject> element. | |
ReadSubjectConfirmation | Reads the <SubjectConfirmation> element. | |
ReadSubjectConfirmationData | Reads the <saml:SubjectConfirmationData> element. | |
ReadSubjectID | This method handles the construct used in the <Subject> and <SubjectConfirmation> elements for ID. | |
ReadSubjectKeyInfo | Deserializes the SAML Subject <ds:KeyInfo> element. | |
ReadSubjectLocality | Reads the <saml:SubjectLocality> element. | |
ResolveIssuerToken | Resolves the Signing Key Identifier to a SecurityToken. | |
ResolveSecurityKeys | Resolves the collection of SecurityKey referenced in a Saml2Assertion. | |
SetDelegateFromAttribute | This method gets called when a special type of Saml2Attribute is detected. The Saml2Attribute passed in wraps a Saml2Attribute that contains a collection of attribute values (in the Values property), each of which will get mapped to a claim. All of the claims will be returned in an IClaimsIdentity with the specified issuer. | |
TryResolveIssuerToken | Resolves the Signing Key Identifier to a SecurityToken. | |
ValidateConditions | Validates the specified Saml2Conditions object. | |
ValidateConfirmationData | Validates the specified Saml2SubjectConfirmationData object. | |
WriteAction | Writes the <saml:Action> element. | |
WriteAdvice | Writes the <saml:Advice> element. | |
WriteAssertion | Serializes the specified SAML assertion to the specified XML writer. | |
WriteAttribute | Writes the <saml:Attribute> element. | |
WriteAttributeStatement | Writes the <saml:AttributeStatement> element. | |
WriteAttributeValue | Writes the saml:Attribute value. | |
WriteAudienceRestriction | Writes the <saml:AudienceRestriction> element. | |
WriteAuthenticationContext | Writes the <saml:AuthnContext> element. | |
WriteAuthenticationStatement | Writes the <saml:AuthnStatement> element. | |
WriteAuthorizationDecisionStatement | Writes the <saml:AuthzDecisionStatement> element. | |
WriteConditions | Writes the <saml:Conditions> element. | |
WriteEvidence | Writes the <saml:Evidence> element. | |
WriteIssuer | Writes the <saml:Issuer> element. | |
WriteNameID | Writes the <saml:NameID> element. | |
WriteNameIDType | Both <Issuer> and <NameID> are of NameIDType. This method writes the content of either one of those elements. | |
WriteProxyRestriction | Writes the <saml:ProxyRestriction> element. | |
WriteSigningKeyInfo | Writes the Signing <ds:KeyInfo> element using the specified XML writer. | |
WriteStatement | Writes a Saml2Statement. | |
WriteSubject | Writes the <saml:Subject> element. | |
WriteSubjectConfirmation | Writes the <saml:SubjectConfirmation> element. | |
WriteSubjectConfirmationData | Writes the <saml:SubjectConfirmationData> element. | |
WriteSubjectKeyInfo | Serializes the Subject <ds:KeyInfo> element using the specified XML writer. | |
WriteSubjectLocality | Writes the <saml:SubjectLocality> element. |
See Also
Reference
Saml2SecurityTokenHandler Class
Microsoft.IdentityModel.Tokens.Saml2 Namespace
Saml2SecurityToken Class
Other Resources
Token Handlers
What is Windows Identity Foundation?
Copyright © 2008 by Microsoft Corporation. All rights reserved.