ClaimsAuth Bean

Properties Methods Events Configuration Settings Errors

The ClaimsAuth component is used to obtain security tokens and assertions.

Syntax

IPWorksAuth.Claimsauth

Remarks

The ClaimsAuth bean provides an easy-to-use interface to obtain security tokens and assertions. The bean can also be used to simple parse assertions and inspect the claims within.

The component has built in support for working with Microsoft SharePoint Online and Microsoft Dynamics CRM Online. This support means only a minimum of information needs to be supplied to the component.

Microsoft SharePoint Online and Dynamics CRM Online

To begin working with SharePoint Online or Dynamics CRM Online first set the AuthMode to the appropriate value. The bean will automatically populate several properties to known values. Set the User, Password, ApplicationURN properties and call GetSecurityToken. For instance:

component.AuthMode = ClaimsauthAuthModes.amDynamicsCRM; //dynamic crm
component.User = "user@mycrm.onmicrosoft.com";
component.Password = "password";
component.ApplicationURN = "urn:crmapac:dynamics.com";
component.GetSecurityToken();

After calling GetSecurityToken the SecurityTokenXML property will be populated.

ADFS and Others

When working with ADFS or another Security Token Service (STS) the GetAssertion method may be used to obtain an assertion. To begin set AuthMode to either amADFS or amCustom. Then set LocalSTS, User, Password, and ApplicationURN. For instance:

component.AuthMode = ClaimsauthAuthModes.amADFS;
component.User = "administrator";
component.Password = "admin";
component.LocalSTS = "https://adfs.contoso.com";
component.ApplicationURN = "https://fsweb.contoso.com/ClaimsAwareWebAppWithManagedSTS/";
component.GetAssertion();

If the assertion is signed the bean will use the certificate specified in SignerCert to verify the signature. If SignerCert is not set the bean will attempt to parse the certificate present in the assertion to perform verification.

After the assertion is parsed and the signature is verified (if present) the following properties will be populated:

Parsing an Assertion

The bean may also be used to parse an existing assertion without contacting a STS. To parse an existing assertion call ParseAssertion with the assertion XML. If the assertion is signed the bean will use the certificate specified in SignerCert to verify the signature. If SignerCert is not set the bean will attempt to parse the certificate present in the assertion to perform verification.

After the assertion is parsed and the signature is verified (if present) the following properties will be populated:

Property List

The following is the full list of the properties of the bean with short descriptions. Click on the links for further details.


ApplicationURN	The application's Uniform Resource Name (URN).
AssertionId	The assertion id.
AssertionIssueInstant	The time in UTC that the assertion was issued.
AssertionIssuer	The assertion issuer.
AssertionNotBefore	The date on which the assertion becomes valid.
AssertionNotOnOrAfter	The time at which the assertion expires.
AssertionSubject	The subject of the assertion.
AssertionVersion	The version of the assertion.
AssertionXML	The assertion XML.
AuthMode	The authentication mode.
Certificate	The certificate used for decryption.
Claims	A collection of claims.
FederationSTS	The URL of the federation Security Token Service (STS).
FederationURN	The federation Uniform Resource Name (URN).
LocalSTS	The local Security Token Service (STS).
Password	The user's password.
Proxy	A set of properties related to proxy access.
SecurityTokenXML	The security token XML.
SignerCert	The certificate used for signature verification.
SSLAcceptServerCert	Instructs the component to unconditionally accept the server certificate that matches the supplied certificate.
SSLCert	The certificate to be used during SSL negotiation.
SSLServerCert	The server certificate for the last established connection.
User	The username.
XAttributes	A collection of attributes of the current element.
XChildren	Collection of child elements of the current element.
XElement	The name of the current element.
XNamespace	The namespace of the current element.
XParent	The parent of the current element.
XPath	Provides a way to point to a specific element in the document.
XPrefix	The prefix of the current element.
XSubTree	A snapshot of the current element in the document.
XText	The text of the current element.

Method List

The following is the full list of the methods of the bean with short descriptions. Click on the links for further details.


config	Sets or retrieves a configuration setting .
getAssertion	Gets the assertion.
getSecurityToken	Gets the security token.
parseAssertion	Parses the specified assertion.

Event List

The following is the full list of the events fired by the bean with short descriptions. Click on the links for further details.


Characters	Fired for plain text segments of the input stream.
Comment	Fired when a comment section is encountered.
EndElement	Fired when an end-element tag is encountered.
Error	Information about errors during data delivery.
PI	Fired when a processing instruction section is encountered.
SSLServerAuthentication	Fired after the server presents its certificate to the client.
SSLStatus	Shows the progress of the secure connection.
StartElement	Fired when a begin-element tag is encountered in the document.

Configuration Settings

The following is a list of configuration settings for the bean with short descriptions. Click on the links for further details.


DecryptAssertion	Whether to decrypt the assertion.
RawRequest	Returns the raw HTTP request.
RawResponse	Returns the raw HTTP response.
SSODomain	Specifies the federation domain configured in Office 365.
UserRealm	The URL of a web service to determine the LocalSTS (if any).
CodePage	The system code page used for Unicode to Multibyte translations.