WSFederationAuthenticationModule.RedirectToIdentityProvider Method

Definition

Redirects the user to the security token service (STS) specified by the Issuer property to obtain a security token using the WS-Federation protocol.

public:
 virtual void RedirectToIdentityProvider(System::String ^ uniqueId, System::String ^ returnUrl, bool persist);
public virtual void RedirectToIdentityProvider (string uniqueId, string returnUrl, bool persist);
abstract member RedirectToIdentityProvider : string * string * bool -> unit
override this.RedirectToIdentityProvider : string * string * bool -> unit
Public Overridable Sub RedirectToIdentityProvider (uniqueId As String, returnUrl As String, persist As Boolean)

Parameters

uniqueId
String

The WSFAM saves this value in the wctx parameter in the WS-Federation sign in request; however, the module does not use it when processing sign-in requests or sign-in responses. You can set it to any value. It does not have to be unique. For more information, see the CreateSignInRequest(String, String, Boolean) method.

returnUrl
String

The URL to which the module should return upon authentication.

persist
Boolean

The WSFAM saves this value in the wctx parameter in the WS-Federation sign in request; however, the module does not use it when processing sign-in requests or sign-in responses. You can set it either true or false.

Exceptions

Issuer is null or an empty string.

-or-

Realm is null or an empty string.

-or-

The Current property is null or empty.

-or-

The Response property of the context returned by Current is null or empty.

Remarks

The RedirectToIdentityProvider method is called from the SignIn method when the request is issued from a web page presented by the relying party (RP) or from the OnEndRequest event-handler delegate to perform a passive redirect to the identity provider on authorization failure.

The parameters passed to the method are used to create the wctx message parameter. The only significant parameter is the returnUrl parameter. This specifies the URL that the RP should direct the browser to following successful authentication. It should not be confused with the wreply message parameter, which is specified by the Reply property and which provides the address at the RP to which the security token service (STS) should direct its response.

The method performs the following:

  1. Invokes the VerifyProperties method to ensure that a valid sign-in request can be issued by the module.

  2. Invokes the CreateSignInRequest method to create the sign-in request from the properties configured on the module.

  3. Invokes the OnRedirectingToIdentityProvider method to raise the RedirectingToIdentityProvider event. You can cancel the redirect or modify the sign-in request message in the event handler for this event.

Applies to