.NET SDK Components
This section contains the following topics:
Open Format Cookie
IFederationOpenIdentity Interface
Identity Factory
IFedIdentitySDKLogger Interface
Open Format Cookie
The federation open format cookie lets applications assert user attributes to CA SiteMinder® Federation and consume user attributes encapsulated by CA SiteMinder® Federation. The open format cookie has the following general characteristics:
- The cookie is accessible by applications written in any programming language.
- The cookie content consists of a string of UTF-8 bytes, which supports international character sets.
- The combined size in UTF-8 bytes of each name/value pair precedes the name/value pair.
- Space characters are added for legibility.
- The cookie is simple to parse and easily extensible.
Important! If the cookie contains any unsafe characters such as '=', enclose the value in double quotes. You can specify this option through the user interface, or through the SDK.
The open format cookie contains the following property information:
- Cookie Version
- Name ID
- Name ID Format
- Session ID
- AuthnContext
- UserDN (same as User ID)
- UserConsent
- Login ID
- ExpiresON (expiration time)
The following diagram shows the open format:
Key:
- Ver — the cookie format version. This value is 1.
- Sp — an ASCII space character, used only to improve readability
- Properties — information about the principal
- Attributes — SAML attributes from the Assertion
- Cnt — the number of name value pairs that follow, represented in ASCII
- Sz — the length of the name or value that follows
- ValCnt — the number of attribute values
The Backus-Naur Form (BNF) for this format is as follows (0* means 0 or more; 1* means at least 1):
- DIGIT = ASCII digit (0 through 9)
- CHAR = UTF-8 character
- Sp = ASCII space (character 32)
- Token = 1*CHAR
- Cookie = Version Sp Properties Attributes
- Version = 1*DIGIT
- Cnt = 1*DIGIT
- Properties = Cnt 1*PPair
- Attributes = Cnt 0*APair
- ValCnt = 1*DIGIT
- PPair = Sz Sp Name Sp Sz Sp Value
- APair = Sz Sp Name Sp ValCnt Sp Sz Sp Value
- Sz = 1*DIGIT
- Name = Token
- Value = Token
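The BNF above turned into a strict parser, as an added example that is not part of the SDK or the original page; it is in Python because the cookie is readable from any language, and it operates on the decoded cookie text. The sample cookie, the names in it, the count limit, and the assumptions listed in the first comment are constructed for illustration.

```python
# Added example: strict parser for the decoded cookie text, per the BNF above.
# Assumed (not on the page): one Sp follows each numeric field, Sz counts
# UTF-8 bytes, and an APair carries ValCnt "Sz Sp Value" items.
MAX_COUNT = 256  # constructed sanity limit for Cnt and ValCnt
# Constructed sample; the property and attribute names are illustrative only.
SAMPLE = "1 2 6 NameID 5 alice 7 LoginID 7 jürgen 1 4 role 2 5 admin 5 audit".encode()

class _Reader:
    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def number(self, low: int, high: int) -> int:
        """Read 1*DIGIT and the Sp after it; require low <= n <= high."""
        start = self.pos
        while self.pos < len(self.data) and 48 <= self.data[self.pos] <= 57:
            self.pos += 1
        digits = self.data[start:self.pos]
        if not 0 < len(digits) <= 7 or not low <= int(digits) <= high:
            raise ValueError(f"bad or out-of-range number at byte {start}")
        if self.data[self.pos:self.pos + 1] not in (b"", b" "):
            raise ValueError(f"expected Sp at byte {self.pos}")
        self.pos = min(self.pos + 1, len(self.data))
        return int(digits)

    def token(self) -> str:
        """Read Sz Sp Token, checking Sz against the bytes that remain."""
        size = self.number(1, len(self.data))
        end = self.pos + size
        if end > len(self.data):
            raise ValueError(f"Sz {size} overruns the cookie at byte {self.pos}")
        text = self.data[self.pos:end].decode("utf-8")  # strict; raises ValueError
        self.pos = end + (self.data[end:end + 1] == b" ")  # optional legibility Sp
        return text

def parse_open_format(data: bytes):
    """Return (properties, attributes); raise ValueError on any deviation."""
    r, props, attrs = _Reader(data), {}, {}
    r.number(1, 1)  # Version must be 1
    for _ in range(r.number(1, MAX_COUNT)):  # Properties = Cnt 1*PPair
        name = r.token()
        if name in props:  # reject duplicates instead of letting one win
            raise ValueError(f"duplicate property {name!r}")
        props[name] = r.token()
    for _ in range(r.number(0, MAX_COUNT)):  # Attributes = Cnt 0*APair
        name = r.token()
        attrs[name] = [r.token() for _ in range(r.number(0, MAX_COUNT))]
    if r.pos != len(data):
        raise ValueError("trailing bytes after Attributes")
    return props, attrs
```

A size given in characters rather than UTF-8 bytes (for example 6 for "jürgen") desynchronizes the reader and is rejected at the next numeric field.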
IFederationOpenIdentity Interface
The IFederationOpenIdentity interface defines methods for manipulating the open format cookie. The classes exposed by the .NET SDK are available under the namespace CA.Federation.FedIdentitySdk. You obtain an implementation of the IFederationOpenIdentity interface by calling one of the methods from the IdentityFactory class.
See the Doxygen-generated reference for detailed information about this interface.
Identity Factory
The IdentityFactory class provides methods for obtaining an implementation of the IFederationOpenIdentity interface.
Note: The only supported cryptographic transformation is "AES128/CBC/PKCS5Padding". You can also use NULL to get the default.
The IdentityFactory class includes the following methods:
- static IFederationOpenIdentity GetInstance (string cryptoInstance)
  Generates an implementation object of the IFederationOpenIdentity interface.
- static IFederationOpenIdentity GetInstance (string cryptoInstance, bool bUseHmac)
  Generates an implementation object of the IFederationOpenIdentity interface.
- static IFederationOpenIdentity GetInstance (string zoneName, char[] password, string domain, string cryptoInstance)
  Generates an implementation object of the IFederationOpenIdentity interface.
- static IFederationOpenIdentity GetInstance (string zoneName, char[] password, string domain, string cryptoInstance, bool bUseHmac)
  Generates an implementation object of the IFederationOpenIdentity interface.
IFedIdentitySDKLogger Interface
The IFedIdentitySDKLogger interface provides the following methods for specifying custom logging messages:
- void LogTrace (string fileName, string methodName, string message)
  Logs a trace message.
- void LogError (string fileName, string methodName, string message)
  Logs an error message.
Copyright © 2013 CA.
All rights reserved.