Architecture of the .NET SDK

The CA Federation Manager .NET SDK lets a .NET application take part in federation. Using the .NET SDK, .NET applications can provide user information to Federation Manager and can consume user information provided by Federation Manager. The .NET SDK uses a global open format cookie to represent user identity; the cookie encapsulates the user principal and the user attributes. The .NET SDK encrypts the cookie with a key derived from a shared secret. Any application that knows the shared secret and the cryptographic transform can consume the cookie and retrieve the user information. The .NET SDK uses the AES algorithm to encrypt and decrypt the open format cookie.

A .NET application on the asserting party side uses the .NET SDK to pass the login ID of an authenticated user to Federation Manager. Federation Manager extracts the login ID from the cookie and adds it to a Federation Assertion, which is sent to the relying party. Federation Manager can add further attributes to the cookie and change some of the cookie settings, for example the maximum age of the cookie. A .NET application on the relying party side uses the .NET SDK to retrieve the user and session-related information sent by Federation Manager.

The following diagram shows the role of the .NET SDK at the asserting party and the relying party:

Figure: illustration describing how the software works with the .NET SDK and an open format cookie.