!This program cannot be run in DOS mode.
`.rsrc
@.reloc
GIF89a
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
c;U2a>
Action
Appearance
Behavior
FederatedPassive
Layout
Styles
Country of a physical address
Country/Region
The date of birth of a person
Date of Birth
)An electronic mailbox address of a person
Email Address
@Diagnostic logging has failed, Exception
Stack trace:
.Diagnostic logging has failed, Exception
(The wauth parameter for requested token.
yThe wfresh parameter used in the token request. Indicates the desired maximum age of authentication specified in minutes.
-The whr specifying the requesting home realm.
2The issuer from which to request a security token.
7The wp parameter for the policy for requesting a token.
xThe '{0}' property value will be ignored because the 'UseFederationPropertiesFromConfiguration' property is set to True.
Property information
.The wtrealm parameter of the requesting realm.
GThe wreply parameter to which responses from the issuer are redirected.
The wreq parameter specifies a token request using either a <wsse:RequestSecurityToken> element or a full request message as described in WS-Trust.
The wreqptr parameter specifies a URL which is the location of a token request using either a <wsse:RequestSecurityToken> element or a full request message as described in WS-Trust.
-The wres parameter for the resource accessed.
0Additional query strings for requesting a token.
aIf this is true, then the <wsFederation> element from config is used to construct token requests.
Setting the 'UseFederationPropertiesFromConfiguration' property to True will cause any WS-Federation protocol properties set directly on the control to be ignored.
Gender of a person
Gender
:A person's name which is not their surname nor middle name
First Name
,Primary or home telephone number of a person
Home Phone
Submit
-Script is disabled. Click Submit to continue.
Working...
EID0001: The required attribute '{0}' in the element '{1}' is missing.
,ID0002: The value must be greater than zero.
ID0003: The input '{0}' is null.
KID0005: The input '{0}' collection does not contain a property named '{1}'.
;ID0006: The input string parameter is either null or empty.
LID0007: The index into the buffer is outside its valid range '{0}' to '{1}'.
6ID0008: The cache size after purge cannot be negative.
LID0009: The cache size after purge must be less than the maximum cache size.
?ID0010: The value '{0}' must be a representation of a DateTime.
NID0011: The attribute '{0}' in the element '{1}' must be a valid absolute URI.
AID0012: Failed to create an instance of '{0}' from configuration.
*ID0013: The value must be an absolute URI.
0ID0014: The value '{0}' must be an absolute URI.
9ID0015: The byte array is either null or the length is 0.
FID0016: The value must specify a time span greater than TimeSpan.Zero.
8ID0017: The value of this argument must be non-negative.
7ID0018: The argument is not of the expected type '{0}'.
ID0019: The value must be a URI.
ID0020: The collection is empty.
UID0021: The item cannot be added to the cache. The maximum cache size is '{0}' items.
(ID0022: The URI cannot be null or empty.
RID1001: The certificate does not have an associated private key.
Thumbprint: '{0}'
NID1002: The private key of the certificate is not a RSA key.
Thumbprint: '{0}'
0ID1003: The sign-in session is being terminated.
yID1004: The sign-in session is being terminated because the ticket is expired.
Current time: '{0}'
Expiration time: '{1}'
yID1005: The format of the data is incorrect. The signature length is negative: '{0}'. The cookie may have been truncated.
gID1012: The format of the data is incorrect. The data is too small. The cookie may have been truncated.
ID1013: The format of the data is incorrect. The signature is larger than the corresponding data. The cookie may have been truncated.
IID1014: The signature is not valid. The data may have been tampered with.
5ID1016: The cookie chunk size must be at least '{0}'.
ID1020: The security token received at the relying party is not a bearer token. The security token service must be configured to issue a bearer token for this relying party.
ID1022: The value cannot be negative, it is used to specify a TimeSpan. Check where this value is set and ensure it is not negative (zero is valid).
XID1024: The configuration property value is not valid.
Property name: '{0}'
Error: '{1}'
ID1025: Cannot find a unique certificate that matches the criteria.
StoreName: '{0}'
StoreLocation: '{1}'
X509FindType: '{2}'
FindValue: '{3}'
[ID1027: An element is present which is not allowed in this mode.
Element: '{0}'
Mode: '{1}'
XID1028: An element is missing which is required in this mode.
Element: '{0}'
Mode: '{1}'
}ID1029: The custom type is not suitable because it does not extend the correct base class.
CustomType: '{0}'
BaseClass: '{1}'
mID1030: Protection mode 'Rsa' requires the <relyingPartyCertificate> be present in <federatedAuthentication>.
ID1032: At least one 'audienceUri' must be specified in the SamlSecurityTokenRequirement when the AudienceUriMode is set to 'Always' or 'BearerKeyOnly'. Either add the valid URI values to the AudienceUris property of SamlSecurityTokenRequirement, or turn off checking by specifying an AudienceUriMode of 'Never' on the SamlSecurityTokenRequirement.
aID1033: The token provided to ValidateToken must be a SamlSecurityToken, actual type found '{0}'.
KID1034: The SamlSecurityToken must have a value for its Assertion property.
ID1035: The SAML Assertion did not contain any AudienceRestrictionConditions. To accept assertions without AudienceRestrictionConditions, set SecurityTokenHandlerConfiguration.AudienceRestriction.AudienceMode to AudienceUriMode.Never.
hID1036: The SAML Assertion contains a malformed AudienceRestrictionCondition which contains no Audience.
ID1037: The AudienceRestrictionCondition was not valid because it contains multiple Audiences none of which is present in AudienceUris.
ID1038: The AudienceRestrictionCondition was not valid because the specified Audience is not present in AudienceUris.
Audience: '{0}'
ID1039: The certificate's private key could not be accessed. Ensure the access control list (ACL) on the certificate's private key grants access to the application pool user.
Thumbprint: '{0}'
YID1043: The AudienceRestrictionCondition was not valid because there are no AudienceUris.
ID1044: An encrypted security token was received at the relying party which could not be decrypted. Configure the relying party with a suitable decryption certificate. Current relying party decryption certificate info:
ID1045: A valid STS address is not provided for performing passive redirects from the WSFederationAuthenticationModule. Set the 'issuer' attribute of the wsFederation element to a valid STS address in web.config.
ID1046: A valid relying party realm is not provided for performing passive redirects from the WSFederationAuthenticationModule. Set the 'realm' attribute of the wsFederation element to a valid relying party realm in web.config.
ID1047: A valid STS address is not configured on the WSFederationAuthenticationModule for creating WS-Federation passive protocol SignIn requests. Set the Issuer property on the module to a valid STS address.
ID1048: A valid relying party realm is not provided for performing passive redirects from the WSFederationAuthenticationModule. Set the Realm property on the module to a valid relying party Realm.
ID1050: The value specified for the Freshness property on the WSFederationAuthenticationModule is not valid. If specified, the property must be set to a string that can be successfully parsed to a number greater than or equal to zero.
.ID1052: Could not recognize response from STS.
ID1053: The IClaimsIdentity contained multiple UPN Claims. The automatic Windows identity mapping feature does not support this scenario.
ID1054: The IClaimsIdentity did not contain a valid UPN Claim. The automatic Windows identity mapping feature requires exactly one non-empty UPN Claim to be provided.
uID1055: RedirectToIdentityProvider cannot be called when HttpContext.Current or HttpContext.Current.Response is null.
ID1056: The RequireHttps attribute is set to true but Issuer URI scheme is not https. Change the Issuer URI scheme to https or set RequireHttps to false.
ID1057: The RequireHttps attribute is set to true but Reply URI scheme is not https. Change the Reply URI scheme to https or set RequireHttps to false.
ID1058: A valid STS address is not configured on the WSFederationAuthenticationModule for creating WS-Federation passive protocol SignOut requests. Set the Issuer property on the module to a valid STS address.
ID1059: Cannot authenticate the user because the URL scheme is not https and requireSsl is set to true in the configuration, therefore the authentication cookie will not be sent. Change the URL scheme to https or set requireSsl to false on the cookieHandler element in configuration.
SID1060: A SessionAuthenticationModule must be added to the ASP.NET Module Pipeline.
kID1061: HttpContext.Current is null. This code path is only valid when in the execution context of ASP.NET.
VID1062: Replay has been detected for: Token: '{0}', AssertionId: '{1}', Issuer: '{2}'.
dID1063: Replay detection requires that SamlSecurityToken.Assertion.AssertionId is not null or empty.
iID1064: The token provided to DetectReplayedTokens must be a Saml2SecurityToken, actual type found '{0}'.
bID1065: Replay detection requires that Saml2SecurityToken.Assertion.Id.Value is not null or empty.
]ID1066: Replay has been detected for: Token: '{0}', Assertion.Id.Value: '{1}', Issuer: '{2}'.
hID1067: The token provided to DetectReplayedTokens must be a SamlSecurityToken, actual type found '{0}'.
ID1068: The decompressed cookie exceeds the maximum size of '{0}' bytes. If this is expected, increase the MaxDecompressedSize property of DeflateCookieTransform.
ID1069: The ClaimsAuthorizationModule cannot be used without at least one other module such as a WSFederationAuthenticationModule, SessionAuthenticationModule or ClaimsPrincipalHttpModule.
5ID1070: Replay has been detected for a SecurityToken.
yID1071: The sign-in session is being terminated because the ticket is not yet valid.
Current time: '{0}'
ValidFrom: '{1}'
ID1072: The security token cannot be added to the replay cache because it has an infinite lifetime. Either the token must specify a validity period or the expirationPeriod attribute on the tokenReplayDetection configuration element must be set.
ID1073: A CryptographicException occurred when attempting to decrypt the cookie using the ProtectedData API (see inner exception for details). If you are using IIS 7.5, this could be due to the loadUserProfile setting on the Application Pool being set to false.
ID1074: A CryptographicException occurred when attempting to encrypt the cookie using the ProtectedData API (see inner exception for details). If you are using IIS 7.5, this could be due to the loadUserProfile setting on the Application Pool being set to false.
8ID2000: Expiration time must be after the creation time.
ZID2001: The AsyncState in the input IAsyncResult could not be cast to FederatedAsyncState.
ID2002: The AppliesTo address of the relying party was not a valid absolute URI. Override the SecurityTokenService.GetScope() method and populate Scope.AppliesToAddress with an appropriate AppliesTo address.
ID2003: SecurityTokenService.SecurityTokenDescriptor was null. Initialize the SecurityTokenDescriptor on the STS in your SecurityTokenService implementation with an appropriate value.
ID2004: IAsyncResult must be the AsyncResult instance returned from the Begin call. The runtime is expecting '{0}', and the actual type is '{1}'.
1ID2005: The request is not valid or is malformed.
ID2007: Authentication failed.
%ID2008: The specified request failed.
=ID2009: The specified RequestSecurityToken is not understood.
?ID2010: The request Scope '{0}' is not valid or is unsupported.
HID2011: The computed key algorithm '{0}' is not valid or is unsupported.
^ID2012: The type does not match. The runtime is expecting '{0}', and the actual type is '{1}'.
ID2013: SecurityTokenService.GetScope returned null. Return a suitable Scope instance from SecurityTokenService.GetScope to issue a token.
3ID2014: Requested TokenType '{0}' is not supported.
ID2015: DefaultTokenType must be supported by the existing TokenHandlers. Try to add a TokenHandler which can handle '{0}' to the TokenHandlers first.
EID2016: The SecurityTokenHandler in the FederatedAsyncState was null.
WID2017: The card image file name '{0}' is not valid. The specified file does not exist.
ID2018: The card image file name '{0}' is not valid. The specified file does not have a valid image format or GDI+ does not support the pixel format of the file.
sID2027: The Information Card version must be an integer greater than or equal to 0 and less than or equal to '{0}'.
xID2028: The version of the privacy notice must be an integer greater than or equal to 0 and less than or equal to '{0}'.
~ID2029: The Information Card only supports mex over https. To fix this, make sure that the given mexAddress starts with https.
@ID2030: The mexAddress is either null or is not an absolute URI.
ID2037: The GenerateScopedClaimTypes method on the scope provider needs to be implemented so that it will return a list of ClaimType URI's.
~ID2039: The DisplayToken must have at least one DisplayClaim. To fix this, make sure the given DisplayClaim list is not empty.
ID2041: X509CertificateCredentials can support only the following SecurityKeyIdentifierClause types: X509ThumbprintKeyIdentifierClause, X509IssuerSerialKeyIdentifierClause, X509RawDataKeyIdentifierClause and X509SubjectKeyIdentifierClause.
ID2042: The Information Card image format must be either Bmp, Gif, Jpeg, Png or Tiff. To fix this, use the CardImage.CreateFromBaseImage or CreateFromImage methods.
BID2043: The request is missing relying party identity information.
8ID2044: The proof key specified in request is not valid.
EID2045: Unrecognized Information Card reference specified in request.
SID2046: Could not satisfy required Claims in request; construction of token failed.
dID2047: Stale Information Card reference specified in request; Information Card refresh is required.
ID2048: The given IUserCredential.CredentialType must match the one configured on the TokenServiceEndpoint. The credential type from TokenServiceEndpoint is '{0}', and the IUserCredential.CredentialType which could come from the Information Card request is '{1}'.
ID2049: The Information card requires mex over https. To fix this, make sure that the TokenServiceEndpoint contains a valid mex metadata section.
ID2050: When the KeyType is bearer, it is not valid to have a KeySize element with a value other than zero in the request. To fix this, change the key type or set the key size to zero.
]ID2051: The request is null. To fix this, make sure the RST contains a valid request message.
uID2052: The RequestType, if specified, must be set to Issue. The SecurityTokenService can only handle Issue requests.
RID2053: The KeyType, if specified, must be either Symmetric, Asymmetric or Bearer.
ID2055: The RelyingPartyParameters property on the RequestSecurityToken instance must not contain another RelyingPartyParameters. To fix this, make sure the RelyingPartyParameters property does not contain another RelyingPartyParameters instance.
`ID2056: The request has a KeySize '{0}' that is greater than the maximum allowed value of '{1}'.
eID2057: Cannot construct a X509SigningCredentials instance for a certificate without the private key.
OID2058: Cannot compute the combined entropy if the source entropy size is zero.
ID2059: The request has a KeySizeInBits that has no value. If you have overridden SecurityTokenService.ValidateRequest, make sure it has a valid value.
ID2064: The object passed as parameter named 'elementValue' must be of type 'RequestSecurityToken' when 'elementName' is '{0}'.
SID2069: The value argument is not a valid type. SecurityTokenService type expected.
DID2070: MaxClockSkew must be greater than or equal to TimeSpan.Zero.
ID2072: The RequestSecurityToken contains an element with name '{0}' that cannot be processed. You will need to provide a custom WSTrustRequestSerializer to process this element.
ID2073: SecurityTokenServiceConfiguration.SecurityTokenService is either null or does not have a base type of SecurityTokenService.
tID2074: SecurityTokenServiceConfiguration.SecurityTokenService is of type '{0}' but is expected to be of type '{1}'.
ID2075: The computed lifetime has a creation time of '{0}' and an expiration time of '{1}'. The expiration time is before than the current time of '{2}'. If you need to specify such a lifetime, you will need to override SecurityTokenService.GetTokenLifetime and provide custom verification.
ID2076: The computed lifetime has a creation time of '{0}' and an expiration time of '{1}'. This creation time is more that 1 day in the future. UtcNow = '{2}'. If you need to specify such a lifetime, override SecurityTokenService.GetTokenLifetime and provide custom verification.
ID2077: The computed lifetime has a creation time of '{0}' and an expiration time of '{1}'. The expiration time is before or equal to the creation time. If you need to specify such a lifetime, override SecurityTokenService.GetTokenLifetime and provide custom verification.
ID2078: The computed lifetime has a creation time of '{0}' and an expiration time of '{1}'. This produces a time span greater than the maximum allowed token lifetime '{2}' as specified in SecurityTokenServiceConfiguration.MaximumTokenLifetime. If you need to specify such a lifetime, SecurityTokenServiceConfiguration.MaximumTokenLifetime is a settable property or you can override SecurityTokenService.GetTokenLifetime and provide custom verification.
ID2079: SecurityTokenService.SecurityTokenDescriptor.SigningCredentials is null. Specify a valid credential to sign the issued token with, in the Scope that is returned by SecurityTokenService.GetScope. If you need to issue unsigned tokens, you will need to override SecurityTokenService.Issue.
ID2080: Cannot resolve the SecurityKeyIdentifier to a SecurityKey with the given SecurityTokenResolver. SecurityTokenResolver: '{0}', SecurityKeyIdentifier: '{1}'.
ID2081: SecurityTokenService does not implement asynchronous behavior. Override BeginGetOutputClaimsIdentity/EndGetOutputClaimsIdentity and BeginGetScope/EndGetScope methods to provide valid asynchronous behavior.
@ID2082: Lifetime must be greater than or equal to TimeSpan.Zero.
ID2083: IssuerName cannot be null or empty. Create SecurityTokenServiceConfiguration with a valid TokenIssuerName or override SecurityTokenService.GetIssuerName to provide it.
ID2084: Cannot create EncryptingCredentials from the specified proof encryption token '{0}'. Override SecurityTokenService.GetRequestorProofEncryptingCredentials to return a valid proof EncryptingCredentials.
,ID2085: The security token has been revoked.
>ID2086: There are insufficient Digest elements in the request.
?ID2087: Some of the data in the request message is out-of-date.
LID2088: The time range specified in the request is not valid or unsupported.
IID2089: The request contains a renewable security token that has expired.
5ID2090: The request to renew a security token failed.
3ID2091: No pseudonym found for the specified scope.
+ID2092: The principal is already signed-in.
'ID2093: The principal is not signed-in.
)ID2094: No match for the specified scope.
CID2095: Credentials provided don't meet the freshness requirements.
:ID2096: The specified dialect for Claims is not supported.
>ID2097: A requested RST parameter was not accepted by the STS.
:ID2098: A desired issuer name is not supported by the STS.
fID2099: A wencoding value or other parameter with XML content was received in an unsupported encoding.
LID2100: At least one certificate must be specified in the certificate chain.
BID2101: The server cannot generate cards due to an internal error.
.ID2102: The request to obtain cards is denied.
+ID2103: The request has invalid parameters.
SID2104: The request for a specific signature format is not supported by the server.
<ID3000: Federation message has an unrecognized Action '{0}'.
aID3001: Either wresult or wresultptr parameter needs to be specified for a SignInResponseMessage.
ID3002: WSTrustServiceContract could not create a SecurityTokenService instance from WSTrustServiceContract.SecurityTokenServiceConfiguration.
aID3003: Federation Message requires the BaseUri property and the BaseUri must be an absolute URI.
6ID3004: Cannot obtain the schema for namespace: '{0}'.
dID3005: RequestSecurityTokenResponse object can be created only from a SignInResponseMessage Object.
BID3006: ComputedKey element must have a valid algorithm specified.
?ID3007: The element '{0}' with namespace '{1}' is unrecognized.
5ID3009: Uri Attribute missing from ClaimType element.
-ID3010: Unrecognized KeyType specified: '{0}'
1ID3011: Unrecognized RequestType specified: '{0}'
jID3012: UseKey in a RequestSecurityToken object must have a valid SecurityToken in order to be serialized.
ID3013: Cannot write element '{0}' of type '{1}'. Add your custom WSTrustResponseSerializer in SecurityTokenServiceConfiguration to write this element.
'ID3014: Unrecognized Action name: '{0}'
EID3015: The context associated with the SignedInfo instance was null.
aID3016: SignInResponseMessage cannot have wresult and wresultptr parameters set at the same time.
ID3017: The token contained in the UseKey object is not recognized as a writeable token by any of the configured SecurityTokenHandlers.
ID3019: Cannot create RSTR from the given message. The message must be a SignInResponseMessage and must contain a wresult or wresultptr parameter.
1ID3020: Unrecognized KeyType element found '{0}'.
oID3021: RequestedProofToken in RequestSecurityTokenResponse must contain ComputedKeyAlgorithm or SecurityToken.
ID3022: The WSTrustServiceContract only supports receiving RequestSecurityToken messages. If you need to support more message types, override the WSTrustServiceContract.DispatchRequest method.
ID3023: The WSTrustServiceContract only supports receiving RequestSecurityToken messages asynchronously. If you need to support more message types, override the WSTrustServiceContract.BeginDispatchRequest and EndDispatchRequest.
nID3024: The FederatedSecurityTokenProvider does not support the provided FederatedClientCredentialsParameters.
ID3025: Cannot read 'RequestedProofToken' element. The 'RequestedProofToken' element must either contain a 'EncryptedKey' element or a 'BinarySecret' element or a 'ComputedKeyAlgorithm' as its child element.
ID3026: Cannot read 'Entropy' element. The 'Entropy' element must either contain a 'EncryptedKey' element or a 'BinarySecret' element as its child element.
ID3027: The key needed to decrypt the encrypted key could not be resolved. Ensure that '{0}' is populated with the required key.
CID3029: Required InformationCard parameter is not specified. '{0}'.
MID3030: The input violates schema. Expected Element '{0}' in namespace '{1}'.
cID3031: The input violates schema. The element '{0}' does not contain the required attribute '{1}'.
hID3032: Unexpected element '{0}' in namespace '{1}' found. Expected element '{2}' under namespace '{3}'.
ID3033: Bad Request.
ID3034: Authentication failed.
2ID3035: The request was not valid or is malformed.
%ID3037: The specified request failed.
IID3039: Exactly one "Object" reference was expected inside the signature.
BID3040: Information Card has a CardId that is not an absolute URI.
jID3041: Information Card has a CardName that is not of a valid length. The length must be between 1 - 255.
=ID3042: Information Card Issuer '{0}' is not an absolute URI.
ID3043: The Mime type '{0}' specified in the 'CardImage' element is not recognized. The valid Mime types are 'image/jpeg', 'image/gif', 'image/bmp', 'image/png' and 'image/tiff'.
;ID3044: 'CardImage' element does not contain a valid Image.
MID3045: Information Card cannot have more than '{0}' TokenServices specified.
hID3046: Information Card contains a UserCredentials type '{0}' in namespace '{1}' that is not supported.
gID3047: Information Card must specify at least one TokenType element in SupportedTokenTypeList element.
KID3049: Information Card cannot specify more than '{0}' TokenType elements.
TID3050: Information Card cannot specify more than '{0}' SupportedClaimType elements.
@ID3051: The SupportedClaimType URI '{0}' is not an absolute URI.
yID3052: Information Card has a SupportedClaimType whose DisplayTag has length: '{0}'. The length must be between 1 - 255.
zID3053: Information Card has a SupportedClaimType whose Description has length: '{0}'. The length must be between 1 - 255.
eID3054: Information Card contains a PrivacyNotice whose version is less than 1 or greater than '{0}'.
RID3057: EnvelopedSignature has more than on Reference specified in the SignedInfo.
@ID3059: An exception occurred while parsing an Information Card.
ID3060: Information Card contains a X509Credentials type '{0}' which is not supported. The supported clause types are X509ThumbprintKeyIdentifierClause and X509IssuerSerialKeyIdentifierClause.
1ID3061: The given element ('{0}','{1}') is empty.
ID3062: Unrecognized credentials type. Must be one of UsernamePasswordCredential, KerberosV5Credential, X509V3Credentials or SelfIssuedCredential.
;ID3063: An error occurred while parsing a WS-Trust message.
AID3064: Token EncryptingCredentials must specify a symmetric key.
VID3065: The type '{0}' is not supported for element '{1}'. The expected type is '{2}'.
UID3066: The Information Card CardVersion cannot be less than 1 or greater than '{0}'.
JID3067: TokenServiceList must contain at least one TokenService specified.
PID3068: The DisplayCredentialHint '{0}' is not valid. Its length must be 1 - 64.
lID3069: The UsernamePasswordCredential contains a Username whose length is greater than 255. Username '{0}'.
]ID3070: The Information Card has a PrivacyNotice location '{0}' which is not an absolute URI.
DID3074: An exception occurred while parsing a WS-Federation message.
YID3079: Information Card contains a X509Credentials with a unrecognized ValueType. '{0}'.
zID3080: Information Card contains a X509Credentials with an Thumbprint clause but the EncodingType '{0}' is not supported.
9ID3082: The request scope is not valid or is unsupported.
iID3087: Service type specified must be of type SecurityTokenServiceConfiguration. Service type was '{0}'.
(ID3089: No enveloped signature was read.
VID3091: An Issue request for an Asymmetric key must have the UseKey element specified.
}ID3092: The specified UseKey '{0}' cannot be resolved to a token that would prove the client's possession of the private key.
EID3094: Cannot create WS-Federation message from the given URI '{0}'.
ID3095: Cannot create WS-Federation message from the given HttpRequest. Check if the request contains a valid Form Post with the required WS-Federation parameters.
dID3096: Cannot create SecurityTokenServiceConfiguration from the constructor string specified '{0}'.
ID3097: ServiceHost does not contain any valid Endpoints. Add at least one valid endpoint in the SecurityTokenServiceConfiguration.TrustEndpoints collection.
ID3098: ServiceHost contains an invalid Endpoint. At least one endpoint in the SecurityTokenServiceConfiguration.TrustEndpoints collection contains a null or empty Address.
IID3112: Unrecognized RequestType '{0}' specified in the incoming request.
ID3113: The WSTrustServiceContract does not support receiving '{0}' messages with the '{1}' SOAP action. If you need to support this, override the ValidateDispatchContext method.
KID3114: The WSTrustServiceContract cannot deserialize the WS-Trust request.
dID3115: The IssuerInformation EntryName '{0}' is not valid. Its length must be within '{1}' - '{2}'.
eID3116: The IssuerInformation EntryValue '{0}' is not valid. Its length must be within '{1}' - '{2}'.
KID3117: IssuerInformation must contain at least one IssuerInformationEntry.
nID3123: The specified Base64 Image size is greater than the allowed size of '{0}' for the 'CardImage' element.
PID3124: The UsernamePasswordCredential contains a Username whose length is zero.
NID3125: The expiration time of the Information Card is before the issued time.
IID3126: The PrivatePersonalIdentifier '{0}' is not a valid Base64 string.
VID3127: The PrivatePersonalIdentifier '{0}' is greater than the valid length of '{1}'.
[ID3128: The Information Card is missing a required element. Element: '{0}' Namespace: '{1}'
>ID3129: The PrivatePersonalIdentifier cannot be null or Empty.
zID3130: A WSTrust 1.3 RequestSecurityToken SecondaryParameters element cannot contain another SecondaryParameters element.
\ID3135: The element '{0}' with namespace '{1}' has value '{2}' which is not an absolute URI.
sID3136: The attribute '{0}' of the element '{1}' with namespace '{2}' has value '{3}' which is not an absolute URI.
ID3137: The TrustVersion '{0}', is not supported, only 'TrustVersion.WSTrust13' and 'TrustVersion.WSTrustFeb2005' is supported.
[ID3138: The RequestSecurityTokenResponse that was received did not contain a SecurityToken.
ID3139: The WSTrustChannel cannot compute a proof key. The KeyType '{0}' is not supported. Valid proof key types supported by the WSTrustChannel are WSTrust13 and WSTrustFeb2005.
ID3140: Specify one or more BaseAddresses to enable metadata or set DisableWsdl to true in the SecurityTokenServiceConfiguration.
ID3141: The RequestType '{0}', is not supported. If you need to support this RequestType, override the corresponding virtual method in your SecurityTokenService derived class.
oID3142: WS-Federation SignInRequestMessage cannot have the 'wreq' and 'wreqptr' parameter set at the same time.
bID3143: WS-Federation message has a parameter '{0}' with value '{1}' which is not an absolute URI.
rID3144: The PortType '{0}' Operation '{1}' has Message '{2}' is expected to have only one part but contains '{3}'.
>ID3146: WsdlEndpointConversionContext.WsdlPort cannot be null.
FID3147: WsdlEndpointConversionContext.WsdlPort.Service cannot be null.
YID3148: WsdlEndpointConversionContext.WsdlPort.Service.ServiceDescription cannot be null.
xID3149: Cannot find an input message type for PortType '({0}, {1})' for operation '{2}' in the given ServiceDescription.
yID3150: Cannot find an output message type for PortType '({0}, {1})' for operation '{2}' in the given ServiceDescription.
ID3151: The WS-Trust message has an empty 'RenewTarget' element. The 'RenewTarget' element must either contain a valid SecurityToken as its child element.
ID3152: The WS-Trust message has an empty 'OnBehalfOf' element. The 'OnBehalfOf' element must either contain a SecurityToken or SecurityTokenReference as its child element.
ID3153: The WS-Trust message has an empty 'ActAs'. The element must have a SecurityToken or SecurityTokenReference as its child element.
ID3154: The WS-Trust message has an empty 'KeySize' element. The element must specify a valid key size for the requested token.
ID3155: The WS-Trust message has an empty 'UseKey' element. The element must specify a valid SecurityTokenReference to the client's public key.
ID3156: The WS-Trust message has an empty 'InformationCardReference'. The element must contain a valid reference to an InformationCard.
cID3157: The WS-Trust message has an empty 'ClientPseudonym'. The element must contain a valid PPID.
ID3158: The WS-Trust message has an empty 'RequestedSecurityToken'. The element must contain a valid SecurityToken as its child element.
ID3159: The WS-Trust message has an empty 'RequestedAttachedReference'. The element must contain a valid SecurityKeyIdentifierClause as its child element.
ID3160: The WS-Trust message has an empty 'RequestedUnattachedReference'. The element must contain a valid SecurityKeyIdentifierClause as its child element.
ID3161: The WS-Trust message has an empty 'Lifetime'. The element must contain 'Created' and 'Expires' elements as its child element.
xID3162: The WS-Trust message has an empty 'AppliesTo'. The element must contain an EndpointAddress as its child element.
ID3163: The WS-Trust message has an empty 'RequestedDisplayToken'. The element must contain valid DisplayClaims and DisplayLanguage.
vID3164: The WS-Trust message has an empty 'BinarySecret'. The element must contain key bytes encoded as Base64 string.
|ID3165: The WS-Trust message contains a 'UseKey' element that cannot be read by any of the configured SecurityTokenHandlers.
ID3166: The 'UseKey' token contained in the WS-Trust message is not able to create an RsaKeyIdentifierClause or an X509RawDataSecurityKeyIdentifierClause, which are the only SecurityKeyIdentifierClause types supported by default.
RID3171: The Information Card has an empty element. Element: '{0}' Namespace: '{1}'
OID3172: The Information Card is missing the 'InformationCardReference' element.
ID3173: The Information Card has an empty 'InformationCardReference' element. The element must contain a 'CardId' and 'CardVersion' as its child element.
uID3174: The Information Card has an 'InformationCardReference' element that is missing the required 'CardId' element.
zID3175: The Information Card has an 'InformationCardReference' element that is missing the required 'CardVersion' element.
zID3176: The Information Card has an empty 'TokenServiceList'. The element must have a 'TokenService' as its child element.
ID3177: The Information Card has an 'TokenServiceList/TokenService' element that is missing the required 'UserCredential' element.
ID3178: The Information Card has an empty 'TokenServiceList/TokenService'. The element must have a 'UserCredential' as its child element.
ID3179: The Information Card has an empty 'SelfIssuedCredentials' element. The element must have a 'PrivatePersonalIdentifier' as its child element.
ID3180: The Information Card has an 'SelfIssuedCredentials' element that is missing the required 'PrivatePersonalIdentifier' element.
nID3181: The Information Card has a 'X509V3Credential' element that is missing the required 'X509Data' element.
^ID3182: The Information Card has a 'X509V3Credentials/X509IssuerSerial' element that is empty.
~ID3183: The Information Card has a 'X509V3Credentials/X509IssuerSerial' element that is missing the required 'X509IssuerName'.
ID3184: The Information Card has a 'X509V3Credentials/X509IssuerSerial' element that is missing the required 'X509SerialNumber'.
NID3185: The Information Card has a CardType '{0}' that is not an absolute URI.
ID3186: The Information Card has a 'TokenService' element with an 'X509V3Credentials/X509Data' element that does not contain any valid credentials.
ID3187: The Information Card has a 'TokenService' element with an 'X509V3Credentials/X509IssuerSerial' that has an empty 'X509IssuerName'.
ID3188: The Information Card has a 'TokenService' element with an 'X509V3Credentials/X509IssuerSerial' that has an empty 'X509SerialNumber'.
dID3189: The Information Card has the element '{0}' that is missing the required child element '{1}'.
ID3190: The WSTrustChannel cannot compute a proof key without a valid SecurityToken set as the RequestSecurityToken.UseKey when the RequestSecurityToken.KeyType is '{0}'.
ID3191: The WSTrustChannel received a RequestedSecurityTokenResponse message containing an Entropy without a ComputedKeyAlgorithm.
ID3192: The WSTrustChannel cannot compute a proof key. The received RequestedSecurityTokenResponse does not contain a RequestedProofToken and the ComputedKeyAlgorithm specified in the response is not supported: '{0}'.
ID3193: The WSTrustChannel cannot compute a proof key. The received RequestedSecurityTokenResponse indicates that the proof key is computed using combined entropy. However, the response does not include an entropy.
ID3194: The WSTrustChannel cannot compute a proof key. The received RequestedSecurityTokenResponse indicates that the proof key is computed using combined entropy. However, the request does not include an entropy.
TID3195: The ChannelFactory provided does not have an Endpoint or Endpoint.Behaviors.
ID3196: The ChannelFactory provided is not configured to use an FederatedClientCredentials. Ensure that you call the ConfigureChannelFactory method on the provided ChannelFactory object prior to invoking this method.
hID3197: The ChannelFactory cannot be configured. Invoke this method prior to opening the ChannelFactory.
@ID3198: An exception occurred while parsing a Metadata document.
AID3199: EntityID cannot have a value longer than 1024 characters.
hID3200: An error occurred while reading the metadata document. Required parameter '{0}' was not present.
WID3201: The enumerated attribute '{0}' in metadata has a value '{1}' that is not valid.
sID3202: An error occurred while reading the metadata document. Parameter '{0}' has a value '{1}' that is not valid.
cID3203: An error occurred while writing the metadata document. Required parameter '{0}' is not set.
TID3204: WS-Federation SignIn request must specify a 'wtrealm' or 'wreply' parameter.
AID3205: An exception occurred processing a WS-Federation message.
lID3206: A SignInResponse message may only redirect within the current web application: '{0}' is not allowed.
ID3207: An error occurred while reading the metadata document. Attribute '{0}' of element '{1}' has a value '{2}' that is not supported.
=ID3208: Information Card contains unrecognized element '{0}'.
pID3209: '{0}' is not valid as a supported token type in an Information Card. Token type must be an absolute URI.
;ID3210: The WS-Federation '{0}' parameter is not supported.
[ID3211: The WS-Federation '{0}' includes both '{1}' and '{2}' parameters. '{2}' is ignored.
^ID3212: The ChannelFactory does not have a ClientCredentials object in its Endpoint.Behaviors.
ID3215: The encoding type '{0}' specified in element '{1}' with namespace '{2}' is not supported. The supported encoding types are '{3}'.
qID3216: WS-Trust message has an empty 'Issuer'. The element must contain an EndpointAddress as its child element.
YID3217: The Encoding type '{0}' is not supported. The supported encoding types are '{1}'.
ID3218: WS-Trust message has an empty 'ProofEncryption'. The element must have a SecurityToken or SecurityTokenReference as its child element.
ID3219: WS-Trust message has an empty 'DelegateTo'. The element must have a SecurityToken or SecurityTokenReference as its child element.
ID3220: WS-Trust message has an empty 'CancelTarget'. The element must have a SecurityToken or SecurityTokenReference as its child element.
ID3221: WS-Trust message has an empty 'ValidateTarget'. The element must have a SecurityToken or SecurityTokenReference as its child element.
fID3222: The element '{0}' with namespace '{1}' was expected to have value of type '{2}' but was '{3}'.
]ID3223: The element ('{0}','{1}') has the child element ('{2}','{3}') that is not recognized.
1ID3224: SecurityMode cannot be SecurityMode.None.
ID3225: UserNameWSTrustBinding in SecurityMode.Transport SecurityMode, clientCredentialType must be Digest or Basic. But actual value is '{0}'
ID3226: SecurityMode of IssuedTokenBinding must be SecurityMode.Message or SecurityMode.TransportWithMessageCredential. But actual value is '{0}'.
ID3227: Issued token authentication is not supported for Transport security. IssuedTokenWSTrustBinding.SecurityMode must be set to 'Message' or 'TransportWithMessageCredential'.
.ID3228: The given Namespace is not recognized.
3ID3233: No pseudonym found for the specified scope.
+ID3234: The principal is already signed-in.
'ID3235: The principal is not signed-in.
)ID3236: No match for the specified scope.
CID3237: Credentials provided don't meet the freshness requirements.
:ID3238: The specified Dialect for Claims is not supported.
>ID3239: A requested RST parameter was not accepted by the STS.
:ID3240: A desired issuer name is not supported by the STS.
fID3241: A wencoding value or other parameter with XML content was received in an unsupported encoding.
DID3242: The security token could not be authenticated or authorized.
=ID3243: The requested time range is not valid or unsupported.
(ID3244: Security token has been revoked.
%ID3245: Insufficient Digest Elements.
(ID3246: The request data is out-of-date.
/ID3247: A renewable security token has expired.
%ID3248: The requested renewal failed.
,ID3249: The attribute '{0}' must be omitted.
*ID3250: An unsupported token was provided.
BID3251: An unsupported signature or encryption algorithm was used.
FID3252: An error was discovered processing the <wsse:Security> header.
/ID3253: An invalid security token was provided.
0ID3254: The signature or decryption was invalid.
8ID3255: Reference security token could not be retrieved.
ID3256: The message has expired.
ID3257: RequestSecurityToken contains at least one Claim with a Claim value specified but the RequestClaimCollection.Dialect is set to '{0}'. The RequestClaimCollection.Dialect must be set to '{1}' for the value to be serialized out.
ID3258: RequestSecurityToken contains a Claim with a Claim value specified but the Dialect is set to '{0}'. The Dialect must be set to '{1}'.
iID3259: Information Card has a IssuerName that is not of valid length. The length must be between 1 - 64.
lID3260: The root element of a metadata document must be either an EntityDescriptor or an EntitiesDescriptor.
;ID3261: The WS-Federation parameter '{0}' is null or empty.
ID3262: The CardVersion element in the Information Card has a value that is out of range. It must be an integer greater than 0 and less than '{0}'.
ID3263: WS-Trust message has an 'InformationCardReference' element with an invalid CardVersion. The Information Card version must be a positive integer greater than or equal to 0 and less than or equal to '{0}'.
ID3264: OnBehalfOf element was found, but there was no token handlers registered to read a OnBehalfOf element. Consider adding a valid SecurityTokenHandlerCollection to the SecurityTokenHanderCollectionManager for OnBehalfOf usage.
ID3265: ActAs element was found, but there was no token handlers registered to read a ActAs element. Consider adding a valid SecurityTokenHandlerCollection to the SecurityTokenHanderCollectionManager for ActAs usage.
ID3266: The FederatedSecurityTokenProvider cannot support the FederatedClientCredentialsParameters. The FederatedClientCredentialsParameters has already provided the '{0}' parameter.
qID3267: Bearer KeyType is not supported with WSTrustFeb2005 version of WSTrust. Consider using WSTrust13 instead.
wID3268: WS-Trust message has an empty 'Encryption' element. The element must have a SecurityToken as its child element.
ID3269: Cannot determine the TrustVersion. It must either be specified explicitly, or a SecurityBindingElement must be present in the binding.
ID3270: The WSTrustChannel does not support multi-leg issuance protocols. The RSTR received from the STS must be enclosed in a RequestSecurityTokenResponseCollection element.
ID3272: Cannot determine the URL of the STS to which to redirect with wsignout1.0. Specify an absolute URL in the 'signOutUrl' parameter.
ID3273: The 'wreq' parameter or the data retrieved by the 'wreqptr' parameter must contain valid XML for a WS-Federation Request Security Token.
LID3274: The RoleDescriptor of type '{0}' was dropped as it is not supported.
ID3275: The XmlReader is not positioned at an EncryptedData element. XmlReader is positioned at: Name: '{0}', Namespace: '{1}'.
oID3276: The signing credentials cannot be resolved because signed XML does not contain a SecurityKeyIdentifier.
]ID3277: The Information Card has a 'X509V3Credentials/X509Certificate' element that is empty.
UID3278: The Information Card has a 'X509V3Credentials/X509SKI' element that is empty.
]ID3279: The Information Card has a 'X509V3Credentials/X509SubjectName' element that is empty.
iID3280: RequestInformationCards cannot have more than one instance of element '{0}' from namespace '{1}'.
OID3281: RequestInformationCards has an unrecognized CardSignatureFormat: '{0}'.
PID3282: The 'informationCards' parameter contains an item that is null or empty.
2ID3283: The 'oids' parameter contains a null item.
YID3284: 'Saml2NameIdentifier' encrypting credentials must have a Symmetric Key specified.
AID3285: The WS-Trust operation '{0}' is not valid or unsupported.
cID3286: The 'inner' parameter must implement the 'System.ServiceModel.Channels.IChannel' interface.
nID3287: WSTrustChannelFactory does not support changing the value of this property after a channel is created.
&ID4001: Expected AsyncResult instance.
$ID4002: End has already been called.
HID4003: An unhandled exception occurred during an asynchronous callback.
PID4004: An exception occurred during the execution of an asynchronous operation.
AID4005: The AsyncResult.Complete have been called more than once.
ID4007: The symmetric key inside the requested security token must be encrypted. To fix this, either override the SecurityTokenService.GetScope() method to assign appropriate value to Scope.EncryptingCredentials or set Scope.SymmetricKeyEncryptionRequired to false.
;ID4008: '{0}' does not provide an implementation for '{1}'.
FID4010: A SecurityTokenHandler is not registered for token type '{0}'.
NID4011: A SecurityTokenHandler is not registered to validate token type '{0}'.
ID4013: Cannot return null from Saml11SecurityTokenHandler.CreateAssertion. To fix this, make sure CreateAssertion returns a valid SamlAssertion.
WID4014: A SecurityTokenHandler is not registered to read security token ('{0}', '{1}').
\ID4020: A SecurityTokenHandler is not registered to create tokens for type identifier '{0}'.
ID4022: The key needed to decrypt the encrypted security token could not be resolved. Ensure that the SecurityTokenResolver is populated with the required key.
ID4023: The encrypted security token was directly encrypted using an asymmetric key, which is not supported. An xenc:EncryptedKey must be used to encrypt a symmetric key using the asymmetric key.
nID4024: The EncryptedSecurityTokenHandler can only write SecurityToken objects of type EncryptedSecurityToken.
dID4025: The SamlSecurityTokenRequirement specifies an unrecognized value for AudienceUriMode: '{0}'.
CID4028: The given Claim.Subject does not reference this collection.
7ID4029: The given Claim is not part of this collection.
`ID4030: The Claim with <Claim.ClaimType, Claim.Resource> of < '{0}', '{1}' > is not understood.
8ID4031: A Claim.Resource value of null is not supported.
ID4034: A SamlAttributeStatement can only have one SamlAttributeValue of type 'Actor'. This special SamlAttribute is used in delegation scenarios.
fID4035: Actor cannot be set so that circular directed graph will exist chaining the subjects together.
ID4036: The key needed to decrypt the encrypted security token could not be resolved from the following security key identifier '{0}'. Ensure that the SecurityTokenResolver is populated with the required key.
ID4037: The key needed to verify the signature could not be resolved from the following security key identifier '{0}'. Ensure that the SecurityTokenResolver is populated with the required key.
&ID4038: Signature verification failed.
ID4039: A custom ServiceAuthorizationManager has been configured. Any custom ServiceAuthorizationManager must be derived from IdentityModelServiceAuthorizationManager.
ID4040: Cannot instantiate a MembershipUserNameSecurityTokenHandler because there is no default MembershipProvider configured for the application.
ID4041: Cannot configure the ServiceHost '{0}'. Try calling FederatedServiceCredentials.ConfigureServiceHost before ServiceHost.Open.
|ID4046: The SecurityTokenHandler cannot write the token '{0}'. The SecurityTokenHandler can only write tokens of type '{1}'.
tID4050: The SecurityContextSecurityTokenHandler requires a valid WS-SecureConversation version when writing a token.
ID4051: Cannot resolve SecurityToken. Use config to ensure that a SecurityTokenHandler is registered for token of type '{0}'. Element name: '{1}'. Namespace: '{2}'.
ID4052: SecurityTokenElement cannot create a subject unless it is constructed with an XmlElement and SecurityTokenHandlerCollection.
WID4053: The token has WS-SecureConversation version '{0}'. Version '{1}' was expected.
ID4056: A WindowsClaimsIdentity was not found in this instance of the WindowsClaimsPrincipal. The Identity cannot be accessed in this state.
FID4058: The user '{0}' failed validation using the MembershipProvider.
`ID4059: The Username token has the unsupported password type '{0}'. The supported type is '{1}'.
QID4060: The element ({0}, {1}) is not supported as a child element of ({2}, {3}).
9ID4061: Username token does not contain a valid username.
uID4062: The username format is not valid. The username format must be in the form of 'username' or 'domain\username'.
^ID4063: LogonUser failed for the '{0}' user. Ensure that the user has a valid Windows account.
ID4064: Custom configuration provided for MembershipUserNameSecurityTokenHandler does not specify a valid MembershipProvider name. Use the 'membershipProviderName' attribute on the 'userNameSecurityTokenHandlerRequirement' element to specify a valid name for a MembershipProvider specified in the system.web/membership configuration section.
cID4065: Cannot read SecurityToken. Expected element is ({0}, {1}) the actual element is ({2}, {3}).
ID4066: Cannot read SecurityToken. Expected element ({0}, {1}) with '{2}' attribute set to '{3}'. But the attribute value was '{4}'.
vID4067: The '{0}' X.509 certificate cannot be mapped to a Windows account. The UPN subject alternate name is required.
OID4068: Unrecognized encoding occurred while reading the binary security token.
@ID4069: The reverting operation failed with the exception '{0}'.
ID4070: The X.509 certificate '{0}' chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. '{1}'
%ID4071: The certificate is not valid.
]ID4072: The SecurityTokenHandler '{0}' registered for TokenType '{1}' must derive from '{2}'.
9ID4073: SAML Action is missing the required Action value.
?ID4075: SAML Assertion is missing the required '{0}' Attribute.
ID4076: SAML Assertion with MajorVersion '{0}' and MinorVersion '{1}' is not supported. The supported version is MajorVersion '{2}' and MinorVersion '{3}'.
EID4077: SAML Assertion AssertionId '{0}' is not a valid xsd:ID value.
ID4078: SAML Assertion does not have any SAML Statement elements. SAML Assertion must have at least one SAML Statement element.
HID4079: SAML Advice AssertionIdReference cannot be null or empty string.
gID4080: The XmlReader is positioned at element ('{0}', '{1}') which is not a recognized SAML condition.
0ID4081: Unrecognized SAML Condition found. '{0}'
{ID4082: SAML Assertion is not valid. XmlReader was expected to reference ('{0}', '{1}') but was referencing ('{2}', '{3}').
ZID4083: SAML AudienceRestrictionCondition must not specify a null or empty audience value.
ZID5084: SAML AudienceRestrictionCondition must have at least one Audience value specified.
WID4085: SAML Assertion contains a SAML Statement ('{0}', '{1}') that is not recognized.
9ID4086: The given SAML Statement is not recognized. '{0}'
AID4087: SAML NameIdentifier does not have a valid Name specified.
[ID4088: SAML SubjectConfirmation does not have a valid SubjectConfirmationMethod specified.
WID4089: SAML Subject must either specify a valid NameIdentifier or SubjectConfirmation.
)ID4090: Cannot read SAML Subject KeyInfo.
0ID4091: Cannot write SAML Subject KeyInfo '{0}'.
KID4092: SAML AttributeStatement does not contain the required SAML Subject.
MID4093: SAML AttributeStatement does not contain any SAML Attribute elements.
?ID4094: SAML Attribute does not contain a valid Attribute Name.
DID4095: SAML Attribute does not contain a valid Attribute Namespace.
6ID4096: SAML Attribute does not contain a valid value.
UID4097: SAML AuthenticationStatement does not contain a valid Authentication Instant.
TID4098: SAML AuthenticationStatement does not contain a valid Authentication Method.
PID4099: SAML AuthenticationStatement does not contain the required SAML Subject.
:ID4100: An unsupported SAML version was encountered: '{0}'
vID4101: The token cannot be validated because it is not a SamlSecurityToken or a Saml2SecurityToken. Token type: '{0}'
ID4102: An element of an unexpected type was encountered. To support extended types in SAML2 assertions, extend Saml2SecurityTokenHandler.
Expected type name: '{0}'
Expected type namespace: '{1}'
Encountered type name: '{2}'
Encountered type namespace: '{3}'
ID4104: An abstract element was encountered which does not specify its concrete type.
Element name: '{0}'
Element namespace: '{1}'
ID4105: A <saml:Statement> element was encountered which specified an unrecognized concrete type. To handle this custom statement, extend Saml2SecurityTokenHandler and override ReadStatement.
Type name: '{0}'
Type namespace: '{1}'
JID4106: A Saml2Assertion with no SAML Statements must have a SAML Subject.
ID4107: The Saml2Assertion Statements collection contains an unrecognized Saml2Statement. To handle custom Saml2Statement objects, extend Saml2SecurityTokenHandler and override WriteStatement.
Type: '{0}'
lID4108: A Saml2Subject that does not specify an NameId cannot have an empty SubjectConfirmations collection.
ID4110: A <saml:'{0}'> contained a <saml:BaseID> element which specified an unrecognized concrete type. To handle this custom type, extend Saml2SecurityTokenHandler and override ReadSubjectID.
Type name: '{1}'
Type namespace: '{2}'
jID4111: A <saml:SubjectConfirmationData> element cannot be empty when of type KeyInfoConfirmationDataType.
ID4112: A <saml:SubjectConfirmationData> element of an unexpected type was encountered. The SubjectConfirmationDataType and KeyInfoConfirmationDataType are handled by default. To handle other types, extend Saml2SecurityTokenHandler and override ReadSubjectConfirmationData.
Type name: '{0}'
Type namespace: '{1}'
ID4113: A <saml:Condition> was encountered which specifies an unrecognized concrete type. To handle a custom Condition, extend Saml2SecurityTokenHandler and override ReadConditions.
ID4114: A <saml:'{0}'> contained unrecognized content. The schema allows arbitrary XML elements on this element without explicit schema extension. To handle the content, extend Saml2SecurityTokenHandler and override Read'{0}'.
LID4115: A <saml:Conditions> element contained more than one '{0}' condition.
4ID4116: NotBefore must be earlier than NotOnOrAfter.
ID4117: When writing the Saml2AuthenticationContext, at least one of ClassReference and DeclarationReference must be set. Set one of these properties before serialization.
ID4118: A <saml:AuthnContextDecl> element was encountered. To handle by-value authentication context declarations, extend Saml2SecurityTokenHandler and override ReadAuthenticationContext. In addition, it may be necessary to extend Saml2AuthenticationContext so that its data model can accommodate the declaration value.
zID4119: The SAML2:AuthenticationStatement, AttributeStatement, and AuthorizationDecisionStatement require a SAML2:Subject.
_ID4120: The <saml:Evidence> element must contain at least one assertion or assertion reference.
dID4121: The SAML2:Action must specify a Resource which is an absolute URI or the empty relative URI.
RID4122: The SAML2:AuthorizationDecisionStatement must specify at least one Action.
~ID4123: An unrecognized value was encountered for the SAML2:AuthorizationDecisionStatement element's Decision attribute: '{0}'
OID4124: The SAML2:AttributeStatement must contain at least one SAML2:Attribute.
+ID4125: An error occurred reading XML data.
ID4126: To handle <wsse:Reference> references for SAML2 assertions, extend Saml2SecurityTokenHandler and override ReadKeyIdentifierClause.
8ID4127: Unexpected ValueType for SAML2 token type: '{0}'
)ID4128: The value is not a valid SAML ID.
ID4129: Cannot write a SAML2 key identifier clause with an implied derived key length other than the default of 32 using WS-SecureConversation.
aID4130: A Saml2SecurityToken cannot be created from the Saml2Assertion because it has no Subject.
mID4131: A Saml2SecurityToken cannot be created from the Saml2Assertion because it has no SubjectConfirmation.
xID4132: A Saml2SecurityToken cannot be created from the Saml2Assertion because it has more than one SubjectConfirmation.
ID4133: A Saml2SecurityToken cannot be created from the Saml2Assertion because it specifies the Bearer confirmation method but identifies keys in the SubjectConfirmationData.
ID4134: A Saml2SecurityToken cannot be created from the Saml2Assertion because it specifies the Holder-of-key confirmation method but identifies no keys in the SubjectConfirmationData.
ID4136: A Saml2SecurityToken cannot be created from the Saml2Assertion because it specifies an unsupported confirmation method: '{0}'
ID4138: No suitable Saml2NameIdentifier could be created for the SAML2:Assertion because tokenDescriptor.Issuer is null or empty.
ID4139: No suitable Saml2NameIdentifier could be created for the SAML2:Subject because more than one Claim of type NameIdentifier was supplied.
ID4140: This Assertion cannot be re-emitted as raw XML. This may be because it was not read from XML in the first place, or because Assertion was changed after it was read, as indicated by a changed Id property.
ID4141: The SAML2:Assertion is not signed. Only signed Assertions are acceptable for this use. If Windows Identity Foundation is used to create the Assertion, create a signed Assertion by setting the SigningCredentials before calling WriteAssertion.
ID4142: The SAML2:Assertion is signed but the signature's KeyIdentifier cannot be resolved to a SecurityToken. Ensure that the appropriate SecurityTokenResolver has been provisioned. To handle advanced token resolution requirements, extend Saml2SecurityTokenHandler and override ResolveIssuerToken.
ID4147: The Saml2SecurityToken is rejected because the SAML2:Assertion's NotBefore condition is not satisfied.
NotBefore: '{0}'
Current time: '{1}'
ID4148: The Saml2SecurityToken is rejected because the SAML2:Assertion's NotOnOrAfter condition is not satisfied.
NotOnOrAfter: '{0}'
Current time: '{1}'
ID4149: The Saml2SecurityToken is rejected because the SAML2:Assertion specifies a OneTimeUse condition. Enforcement of the OneTimeUse condition is not supported by default. To customize the enforcement of Saml2Conditions, extend Saml2SecurityTokenHandler and override ValidateConditions.
ID4150: The Saml2SecurityToken is rejected because the SAML2:Assertion specifies a ProxyRestriction condition. Enforcement of the ProxyRestriction condition is not supported by default. To customize the enforcement of Saml2Conditions, extend Saml2SecurityTokenHandler and override ValidateConditions.
nID4151: The token cannot be validated by the Saml2SecurityTokenHandler because it is not a Saml2SecurityToken.
ID4152: The Saml2SecurityToken cannot be validated because the IssuerToken property is not set. Unsigned SAML2:Assertions cannot be validated.
ID4153: A Saml2SecurityToken cannot be created from the Saml2Assertion because it contains a SubjectConfirmationData which specifies an Address value. Enforcement of this value is not supported by default. To customize SubjectConfirmationData processing, extend Saml2SecurityTokenHandler and override ValidateConfirmationData.
ID4154: A Saml2SecurityToken cannot be created from the Saml2Assertion because it contains a SubjectConfirmationData which specifies an InResponseTo value. Enforcement of this value is not supported by default. To customize SubjectConfirmationData processing, extend Saml2SecurityTokenHandler and override ValidateConfirmationData.
ID4157: A Saml2SecurityToken cannot be created from the Saml2Assertion because it contains a SubjectConfirmationData which specifies a Recipient value. Enforcement of this value is not supported by default. To customize SubjectConfirmationData processing, extend Saml2SecurityTokenHandler and override ValidateConfirmationData.
ID4158: A <saml:EncryptedAttribute> was encountered while processing the attribute statement. To handle encrypted attributes, extend the Saml2SecurityTokenHandler and override ReadAttributeStatement.
FID4159: A Saml2AudienceRestriction must specify at least one Audience.
fID4160: The Saml2SecurityTokenHandler can only write SecurityToken objects of type Saml2SecurityToken.
ID4161: The reader is not positioned on an element that can be read. Call CanReadKeyIdentifierClause to check the element before calling ReadKeyIdentifierClause.
ID4162: The Saml2SecurityTokenHandler can only write SecurityKeyIdentifierClause objects of type Saml2AssertionKeyIdentifierClause.
tID4172: The keyInfoSerializer must return an EncryptedKeyIdentifierClause when reading an xenc:EncryptedKey element.
pID4173: The Saml2Assertion cannot specify ExternalEncryptedKeys unless EncryptingCredentials are also specified.
ID4174: Cannot create a ClaimsPrincipal from this HTTP context because the issuer of the X.509 client certificate was not recognized by the IssuerNameRegistry. To create a ClaimsPrincipal from this certificate, configure the IssuerNameRegistry to return a valid name for the certificate's issuer.
ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer.
ID4176: The Saml2SecurityToken is rejected because the SAML2:Assertion's SubjectConfirmationData NotBefore is not satisfied.
NotBefore: '{0}'
Current time: '{1}'
ID4177: The Saml2SecurityToken is rejected because the SAML2:Assertion's SubjectConfirmationData NotOnOrAfter is not satisfied.
NotOnOrAfter: '{0}'
Current time: '{1}'
ID4178: The EncryptingCredentials provided in the SecurityTokenDescriptor is for an asymmetric key. You must use an EncryptedKeyEncryptingCredentials to encrypt the token.
ID4179: The EncryptingCredentials provided in the Scope must be an asymmetric key. You must set an X509EncryptingCredentials on Scope.EncryptingCredentials.
ID4180: A SAML2 assertion that specifies an AuthenticationContext DeclarationReference is not supported. To handle DeclarationReference, extend the Saml2SecurityTokenHandler and override ProcessAuthenticationStatement.
'ID4181: The security token has expired.
,ID4182: The security token is not valid yet.
BID4183: The Security Token failed Audience restriction validation.
ID4184: The EncryptingCredentials provided in the SecurityTokenDescriptor must not be null if Scope.TokenEncryptionRequired is set to true. This can be caused by the Scope specifying an unsupported encryption key type, or by the incoming RequestSecurityToken message containing an unsupported EncryptionAlgorithm. Override CreateSecurityTokenDescriptor if you need to support algorithms other than AES 256.
ID4185: A Saml2SecurityToken cannot be created from the AuthenticationMethod Claim value, '{0}', which will be serialized as the AuthnContextClassRef element. Change the AuthenticationMethod Claim to be an absolute URI.
RID4187: The reader is not positioned on an EncryptedKey element that can be read.
OID4188: The reader is not positioned on a CipherData element that can be read.
ID4189: The reader is not positioned on a DataReference. XmlEnc specifies that once a DataReference is found only a DataReference must exist.
ID4190: The reader is not positioned on a KeyReference. XmlEnc specifies that once a KeyReference is found only a KeyReference must exist.
NID4191: A ReferenceList must contain at least one reference, none were found.
LID4192: The reader is not positioned on a KeyInfo element that can be read.
SID4193: The reader is not positioned on an EncryptedData element that can be read.
DID4200: SAML AuthorityBinding is missing the required AuthorityKind.
SID4201: SAML AuthorityBinding has a AuthorityKind '{0}' that is not a valid format.
IID4202: SAML AuthorityBinding does not contain a valid Binding specified.
JID4203: SAML AuthorityBinding does not contain a valid Location specified.
WID4204: SAML AuthorizationDecisionStatement is missing the required Decision attribute.
WID4205: SAML AuthorizationDecisionStatement is missing the required Resource attribute.
QID4206: SAML AuthorizationDecisionStatement is missing the required SAML Subject.
YID4207: SAML AuthorizationDecisionStatement has more than one Evidence element specified.
\ID4208: SAML AuthorizationDecisionStatement contains an unrecognized element ('{0}', '{1}').
WID4209: SAML AuthorizationDecisionStatement must contain at least one Action specified.
DID4210: SAML Evidence contains a unrecognized element ('{0}'. '{1}')
:ID4211: SAML Evidence must contain at least one Assertion.
EID4212: SAML Attribute must contain at least one SAML AttributeValue.
OID4213: Cannot parse the ClaimType '{0}' into a constituent name and namespace.
AID4216: The ClaimType '{0}' must be of format 'namespace'/'name'.
@ID4217: The given token '{0}' is not of the expected type '{1}'.
ID4218: A Saml2SamlAttributeStatement can only have one Saml2Attribute of type 'Actor'. This special Saml2Attribute is used in delegation scenarios.
ID4220: The SAML Assertion is either not signed or the signature's KeyIdentifier cannot be resolved to a SecurityToken. Ensure that the appropriate issuer tokens are present on the token resolver. To handle advanced token resolution requirements, extend Saml11TokenSerializer and override ReadToken.
ID4221: Cannot write SAML Signature KeyIdentifier '{0}'. For custom clause override Saml11SecurityTokenHandler.WriteSigningKeyInfo.
ID4222: The SamlSecurityToken is rejected because the SamlAssertion.NotBefore condition is not satisfied.
NotBefore: '{0}'
Current time: '{1}'
ID4223: The SamlSecurityToken is rejected because the SamlAssertion.NotOnOrAfter condition is not satisfied.
NotOnOrAfter: '{0}'
Current time: '{1}'
_ID4224: A SecurityTokenHandler that is registered to write a token of type '{0}' was not found.
{ID4225: The SamlSubject '{0}' is different than the SamlSubject present inside another SamlStatement of this SamlAssertion.
hID4227: The token Id '{0}' found in the cookie, does not match the token Id '{1}' found in the envelope.
lID4229: The session Id '{0}' found in the cookie, does not match the session Id '{1}' found in the envelope.
YID4230: The SecurityToken was not well formed. Expecting element name '{0}', found '{1}'.
nID4232: The SecurityToken was not well formed. This version was unexpected '{0}', acceptable version is '{1}'.
*ID4234: Cannot add SecurityToken to cache.
LID4237: The SecurityToken was not well formed, cannot read the cookie bytes.
fID4239: The session cookie must contain an non null Id. The element '{0}' was either empty or missing.
ID4240: The tokenRequirement must derived from 'RecipientServiceModelSecurityTokenRequirement' for SecureConversationSecurityTokens. The tokenRequirement is of type '{0}'.
BID4242: The SecurityContext Id is missing or the element is empty.
zID4243: Could not create a SecurityToken. A token was not found in the token cache and no cookie was found in the context.
^ID4244: Internal error: sessionAuthenticator must support IIssuanceSecurityTokenAuthenticator.
OID4245: Internal error: sessionAuthenticator must support ICommunicationObject.
dID4248: Cannot map Windows user '{0}' to a UserPrincipalName that can be used for S4U impersonation.
?ID4249: The ClaimProperty key cannot be a null or empty string.
&ID4250: The ClaimValue cannot be null.
rID4251: OriginalIssuer cannot be set to String.Empty. If no OriginalIssuer is intended then set the value to null.
@ID4252: The OriginalIssuer attribute cannot have an empty value.
ID4254: The AttributeValueXsiType of a SAML Attribute must be a string of the form 'prefix#suffix', where prefix and suffix are non-empty strings.
ID4255: The SecurityToken is rejected because the validation time is out of range.
ValidTo: '{0}'
ValidFrom: '{1}'
Current time: '{2}'
NID4256: A custom certificate validation mode is not a supported configuration.
GID4257: X.509 certificate '{0}' validation failed by the token handler.
]ID4258: The element '{0}' with Namespace '{1}' does not contain a valid Base64 encoded value.
?ID4259: The SecurityKeyIdentifierClause '{0}' is not supported.
BID4260: The Element ('{0}', '{1}') is not a supported clause type.
ID4261: X509SecurityTokenHandler can serialize SecurityKeyIdentifierClauses only when the property WriteXmlDSigDefinedClauseTypes is set to true.
ZID4262: The SAML NameIdentifier '{0}' is of format '{1}' and its value is not a valid URI.
wID4263: The SAML NameIdentifier '{0}' is of format '{1}' and NameQualifier/SPNameQualifier/SPProvidedID is not omitted.
`ID4264: GetTokenTypeIdentifiers for SecurityTokenHandler type '{0}' cannot return null or empty.
hID4265: The issuer certificate Thumbprint '{0}' already exists in the set of configured trusted issuers.
5ID4266: Request for ClaimsPrincipalPermission failed.
ID4267: IdentityModelServiceAuthorizationManager is being used in a incorrect configuration. The ServiceCredentials type expected in the OperationContext is FederatedServiceCredentials. But the type is '{0}'.
EID4268: MergeClaims must have at least one identity that is not null.
NID4269: A SamlAudienceRestrictionCondition must specify at least one audience.
PID4270: The '{0}' used to create a '{1}' AuthenticationStatement cannot be null.
QID4271: No IAuthorizationPolicy was found for the Transport security token '{0}'.
ID4272: The Configuration property of this SecurityTokenHandler is set to null. Tokens cannot be processed in this state. Set this property or add this SecurityTokenHandler to a SecurityTokenHandlerCollection with a valid Configuration property.
ID4273: SessionSecurityTokenCookieSerializer.BootstrapTokenHandler is set to null. Bootstrap tokens in the SessionSecurityToken cannot be read in this configuration. Set the BootstrapTokenHandler to a valid SecurityTokenHandlerCollection.
ID4274: The Configuration property of this SecurityTokenHandler is set to null. Tokens cannot be read or validated in this state. Set this property or add this SecurityTokenHandler to a SecurityTokenHandlerCollection with a valid Configuration property.
ID4275: The Configuration.IssuerTokenResolver property of this SecurityTokenHandler is set to null. Tokens cannot be read in this state. Set the value of Configuration.IssuerTokenResolver.
ID4276: The Configuration.ServiceTokenResolver property of this SecurityTokenHandler is set to null. Tokens cannot be read in this state. Set the value of Configuration.ServiceTokenResolver.
ID4277: The Configuration.IssuerNameRegistry property of this SecurityTokenHandler is set to null. Tokens cannot be validated in this state.
UID4278: Cannot detect token replays: Configuration.TokenReplayCache property is null.
ID4279: The EncryptedSecurityTokenHandler's ContainingCollection is set to null. EncryptedSecurityTokens cannot be written as the ContainingCollection has the SecurityTokenHandlers required to write the inner token. Set this property to a valid SecurityTokenHandlerCollection.
ID4280: The X509CertificateValidationMode is set to Custom but the CertificateValidator property has not been set. You must set the CertificateValidator property to use a custom validator.
PID4281: Cannot create a WindowsClaimsIdentity from an anonymous WindowsIdentity.
>ID4282: There was an error deserializing a new '{0}' instance.
ID4283: The SecurityTokenHandlerConfiguration for the Default usage has been overwritten. ServiceConfiguration.Initialize() will not set any properties on the configuration for the Default usage.
ID4284: ClaimsPrincipalPermission cannot be used because the Thread.CurrentPrincipal is not an IClaimsPrincipal. ClaimsPrincipalPermission can only be used if Windows Identity Foundation (WIF) is being used. To enable WIF for WCF services, call FederatedServiceCredentials.ConfigureServiceHost(). To enable WIF for ASP.NET, add one of the following modules: ClaimsPrincipalHttpModule or WSFederationAuthenticationModule.
sID4285: Cannot replace SecurityToken with Id '{0}' in cache with new one. Token must exist in cache to be replaced.
@ID4286: Cannot generate a key for adding the token to the cache.
GID4287: The SecurityTokenRequirement '{0}' doesn't contain a ListenUri.
AID4289: Unrecognized Claim in the incoming cookie ('{0}', '{1}').
2ID4290: Cannot serialize unrecognized Claim '{0}'.
GID4291: The security token '{0}' is not scoped to the current endpoint.
ID5001: The Realm property on the FederatedPassiveSignIn control must be set to a valid URI. The value of this property is used to construct 'wtrealm', a parameter required by the WS-Federation Passive protocol.
ID5002: The Issuer property on the FederatedPassiveSignIn control must be set to the address of an STS endpoint that can process WS-Federation passive protocol messages.
ID5003: FederatedPassiveSignIn.UseFederationPropertiesFromConfiguration is true. However, a valid WSFederationAuthenticationElement could not be retrieved from configuration.
&ID5004: Unrecognized namespace: '{0}'.
3ID5005: Cannot retrieve value for parameter: '{0}'.
EID5007: The returnUrl specified for request redirection is not valid.
4ID5008: This event is not supported by this control.
CID5014: Control of type '{0}' does not support the Focus operation.
zID5015: Cross-application redirect to '{0}' is not allowed. You may enable at FormsAuthentication.EnableCrossAppRedirects.
TID5016: The SignIn control requires https. Access the page over an https connection.
ID5020: The value specified for the Freshness property on the FederatedPassiveSignIn control is not valid. If specified, the Freshness property must be set to a number greater than or equal to zero.
ID5022: The AutoSignIn property is set to true on more than one SignIn control. Only one SignIn control per page can have AutoSignIn enabled.
ID5023: The WS-Federation SignIn message received by the FederatedPassiveTokenService control is missing the required 'wtrealm' parameter.
ID5024: The ReplyTo Address for the Relying Party was either not set or not a valid absolute URI. Override the SecurityTokenService.GetScope() method to supply the appropriate Scope.ReplyToAddress.
7ID6000: No CipherData present in EncryptedData element.
QID6001: The key identifier must be set before writing the encrypted data element.
IID6002: The given key size in bits is '{0}' which is not a multiple of 8.
9ID6003: No input is set for writing canonicalized output.
@ID6004: The '{0}' input type is not supported for the transform.
RID6005: Exclusive Canonicalization transform does not support the algorithm '{0}'.
/ID6006: Unsupported Canonicalization algorithm.
:ID6007: At least one reference is required in a signature.
LID6008: Cannot resolve the '{0}' URI in the signature to compute the digest.
xID6009: The element with id '{0}' is required to be signed, but was either not signed or the signature did not validate.
XID6010: Cannot create a KeyedHashAlgorithm from '{0}' for the signature algorithm '{1}'.
>ID6011: Cannot create a HashAlgorithm for the '{0}' algorithm.
eID6012: Cannot create a signature formatter for the '{0}' algorithm from the '{1}' asymmetric crypto.
*ID6013: The signature verification failed.
cID6014: Cannot create a KeyedHashAlgorithm for the '{0}' algorithm from the '{1}' symmetric crypto.
:ID6015: The ICrypto implementation '{0}' is not supported.
gID6016: Cannot create a signature deformatter for the '{0}' algorithm from the '{1}' asymmetric crypto.
CID6017: The Transforms element must contain at least one transform.
7ID6018: Digest verification failed for reference '{0}'.
bID6019: The length of the EncryptedData cipher text is '{0}' bytes. Expected at least '{1}' bytes.
3ID6020: The empty transform chain is not supported.
(ID6021: Unsupported transform algorithm.
4ID6022: The digest algorithm '{0}' is not supported.
2ID6023: The reader is not positioned on a element.
;ID6024: The '{0}' node type in '{1}' name is not supported.
ID6025: XmlTokenBuffer is empty.
ID6027: Enveloped Signature Transform cannot be the last transform in the chain. The last transform must compute the digest which Enveloped Signature transform is not capable of.
KID6028: Enveloped Signature Transform does not support the algorithm '{0}'.
bID6029: No 'root' element found. Cannot add signature as the root element in enveloped signatures.
+ID6030: A signature has already been added.
$ID6031: The key size cannot be zero.
6ID6033: The specified key size '{0}' is not supported.
6ID6034: Cannot create a HashAlgorithm with name '{0}'.
ID6035: Cannot create a HashAlgorithm with name '{0}' using the '{1}' crypto provider. SHA256 may require a minimum platform of Windows Server 2003 and .NET 3.5 SP1.
ZID6036: Cannot verify the RSA cookie signature because there are no verification RSA keys.
0ID6037: Cannot create algorithm with name '{0}'.
DID6038: The algorithm '{0}' is not FIPS compliant, exception: '{1}'.
UID6039: Cannot decrypt the encrypted RSA cookie because there are no decryption keys.
^ID6040: The RSA key used to encrypt the RSA cookie was not found in the given decryption keys.
(ID6041: The provided RSA key is invalid.
9ID6042: Cannot sign data because the signing key is null.
?ID6043: Cannot encrypt data because the encryption key is null.
aID6044: The cookie transform was passed a byte array of length zero and cannot encode zero bytes.
aID6045: The cookie transform was passed a byte array of length zero and cannot decode zero bytes.
@ID6046: Cannot sign data because the signing key is public only.
UID6047: The cookie transform failed to decrypt the AES key and initialization vector.
BID6048: Cannot generate a strong triple-DES key in {0} iterations.
ID7000: Unexpected element found in configuration. Expected element '{0}' but found '{1}'. For custom configuration override the appropriate SecurityTokenHandler and provide a constructor that takes an XmlElement as input parameter.
ID7001: Configuration errors. SecurityTokenHandler custom configuration has the element '{0}' which expects only one attribute '{1}'.
{ID7002: Configuration errors. SecurityTokenHandler custom configuration has unrecognized element '{0}' as a child of '{1}'.
RID7004: Configuration errors. Unrecognized attribute '{0}' found in element '{1}'.
AID7005: Configuration errors. A single '{0}' element is expected.
xID7006: Unexpected element found in configuration. Username custom configuration expected element '{0}' but found '{1}'.
qID7007: The type '{0}' cannot be resolved. Verify the spelling is correct or that the full type name is provided.
<ID7008: The converter cannot convert values with type '{0}'.
GID7009: You cannot call ServiceConfiguration.Initialize more than once.
\ID7010: Configuration errors. The element '{0}' must contain the following attributes '{1}'.
eID7011: Configuration errors. The attribute '{0}' found in element '{1}' does not have a valid value.
rID7012: No <service> element with the name '{0}' was found in the <microsoft.identityModel> configuration section.
GID7013: Cannot cast the input ConfigurationElement to a ServiceElement.
cID7015: Cannot create a valid SecurityTokenCache instance from the type specified in configuration.
ID7017: Cannot set the TokenLifetime on the SessionSecurityTokenHandler from the following value specified in configuration: '{0}'.
vID7018: The lifetime attribute on the sessionTokenRequirement configuration element cannot be set to a negative value.
ID7019: More than one configuration element found under SecurityTokenHandler '{0}'. The token handler can process only one XmlElement node for custom configuration.
ID7021: Cannot set the UseWindowsTokenService boolean flag on the SessionSecurityTokenHandler from the following value specified in configuration: '{0}'.
ID7022: Cannot set the MapToWindows boolean flag on the SamlSecurityTokenRequirement from the following value specified in configuration: '{0}'.
ID7023: Cannot set the UseWindowsTokenService boolean flag on the SamlSecurityTokenRequirement from the following value specified in configuration: '{0}'.
sID7024: Cannot set the size of the security token cache from the following value specified in configuration: '{0}'.
ID7025: The securityTokenCacheSize attribute on the sessionTokenRequirement configuration element cannot be set to a negative value.
\ID7026: Security token handler configuration has the element '{0}' specified more than once.
vID7027: Could not load the service configuration because no <microsoft.identityModel> configuration section was found.
jID7028: 'Custom' was specified as the certificate validation mode, but no custom validator type was found.
ID8000: There was no default SecurityTokenHandler available to serialize a bootstrap token of type '{0}' in the ClaimsIdentity.
ID8001: There was no default SecurityTokenHandler available to deserialize the bootstrap token that was found in the ClaimsIdentity or WindowsClaimsIdentity.
mID8002: WindowsClaimsPrincipal.IsInRole failed to map role('{0}') to a SecurityIdentifier.
Exception is:
7ID8003: Cache purged: SizeBefore='{0}' SizeAfter='{1}'.
fID8004: The ClaimsPrincipal property key ('{0}') was unavailable to AuthorizationPolicy, PrincipalKey.
ID8005: An unrecognized element was encountered in a SAML11 <Advice> element.
This element will be ignored. To handle the element, extend Saml11SecurityTokenHandler and override ReadAdvice. Element name='{0}' namespace='{1}'.
ID8006: An unrecognized element was encountered in a SAML2 <Advice> element.
This element will be ignored. To handle the element, extend Saml2SecurityTokenHandler and override ReadAdvice. Element name='{0}' namespace='{1}'.
IID8007: Rejecting AudienceRestrictionCondition with multiple audiences:
xID8008: The outbound cookie is being broken into 20 or more chunks. This is unlikely to be supported by the web browser.
^ID8012: SignOut failed. ID='{0}', Exception:
Exception will be passed to 'OnSignOutError'.
\ID8013: SignIn failed. ID='{0}', Exception:
Exception will be passed to 'OnSignInError'.
ID8020: FederatedPassiveSecurityTokenServiceOperations.ProcessRequest failed with Exception:
If an error handler has been set it will be called.
vID8021: SessionAuthenticationModule: Terminating session because of FederatedAuthenticationSessionEndingException:
ID8022: WSFederationAuthenticationModule.SignOut failed with Exception:
If an error handler for OnSignOutError been set it will be called.
qID8023: Element: name='{0}' namespace='{1}' was encountered in a <KeyInfo> element: '{2}' and was not processed.
{ID8024: Element: name='{0}' namespace='{1}' was encountered in an <EncryptionMethod> element: '{2}' and was not processed.
IThe name of a locality, such as a city, county or other geographic region
#Mobile telephone number of a person
Mobile Phone
No Certificate Configured
.Secondary or work telephone number of a person
Other Phone
A private personal identifier
7Postal code or zip code component of a physical address
Postal Code
%Roles or groups the person belongs to
Sign in
Sign out
The type of the signin button.
:The URL of an image to be displayed for the signin button.
+The text to be shown for the signin button.
%The action to take after signing out.
Raised if the signout fails.
;The URL of an image to be displayed for the signout button.
(The URL redirected to after signing out.
,The text to be shown for the signout button.
Signed in
$Raised after the user is signed out.
Signed out
%Raised before the user is signed out.
To enable automatic signin.
+The padding from the border of the control.
The style of the checkbox.
'Your signin attempt was not successful.
Remember me next time.
Sign in
Sign in
<The URL that the user is directed to upon successful signin.
.True if the remember me checkbox is displayed.
/The action to take when a signin attempt fails.
1The text to be shown when a signin attempt fails.
The style of the error text.
Invoke FedUtil...
Federation Utility cannot be invoked when the UseFederationPropertiesFromConfiguration property on the control is set to false.
An error occurred while trying to run the Federation Utility. Ensure that the Windows Identity Foundation SDK is correctly installed.
"The general layout of the control.
2Raised before redirecting to an identity provider.
6Whether the remember me checkbox is initially checked.
2The text to be shown for the remember me checkbox.
Require https.
*Raised after the session token is created.
Show image on the signin button.
The style of the signin button.
The type of the signin button.
This context for the signin.
Raised if the signin fails.
:The URL of an image to be displayed for the signin button.
$The signin mode (session or single).
+The text to be shown for the signin button.
#Raised after the user is signed in.
#The text to be shown for the title.
The style of the title text.
#Raised after the token is received.
$Raised after the token is validated.
=True if the control remains visible when a user is signed in.
AThe client-side script that is executed on a client-side OnClick.
=Abbreviation for state or province name of a physical address
.Street address component of a physical address
Street
The family name of a person
Last Name
AppDomain unloading.
Authorize
Deleting Cookie
Reading Cookie
Writing Cookie
+Computing and checking digest of reference.
Return url from response: '{0}'
Handled exception.
OnAuthorizeRequest Failed.
OnAuthorizeRequest Succeeded.
5OnEndRequest is redirection to IdentityProvider '{0}'
YHttpRequest.QueryString in FederatedPassiveSecurityTokenServiceOperations.ProcessRequest.
&Redirecting to IdentityProvider: '{0}'
.CanReadSignInResponse is redirecting to '{0}'.
dThe redirection url '{0}' is not trusted. Redirecting to the issuer url '{1}' of the Security Token.
3Setting Thread.CurrentPrincipal from session token.
<Setting an IClaimsPrincipal on the current EvaluationContext
.HttpRequest.Form in SignInWithResponseMessage.
:Default handlers cannot write SecurityToken of type '{0}'.
Unhandled exception.
Validating SecurityToken.
Views:
Changes the current view
Web Page
Web Page6
HGP[Z_]^`agnfnkRQ?;0#1#/9
2IdO: ,
!iJmmmmmmmon$
' loooooooooon
' looooooooooon
(hoooooooooom
eJmmmmmmmom
)7cE<3
8=W>ADBKLNSUTVXY\F@
IDAThC
tDCj#M
25sGqw4
IDAT8O
+b)XAP
!zOkyB
zzzgggggg
tEXtComment
Created with GIMPW
HIDATX
1 +G{X
]o-lg!
B vrB
tEXtComment
Created with GIMPW
GIF89a
HGP[Z_]^`agnfnkRQ?;0#1#/9
2IdO: ,
!iJmmmmmmmon$
' loooooooooon
' looooooooooon
(hoooooooooom
eJmmmmmmmom
)7cE<3
8=W>ADBKLNSUTVXY\F@
v4.0.30319
#Strings
LogonUser
GetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
RevertToSelf
OpenProcessToken
OpenThreadToken
GetCurrentProcess
GetCurrentThread
DuplicateTokenEx
SetThreadToken
LsaRegisterLogonProcess
LsaConnectUntrusted
LsaNtStatusToWinError
LsaLookupAuthenticationPackage
AllocateLocallyUniqueId
LsaFreeReturnBuffer
LsaLogonUser
LsaDeregisterLogonProcess
TranslateName
ImpersonateAnonymousToken
CloseHandle
CertCreateCertificateContext
CertOpenStore
CertCloseStore
CertFreeCertificateContext
CertAddCertificateLinkToStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
BCryptGetFipsAlgorithmMode
pstol1
TWebControl
Closed
Closing
Faulted
Opened
Opening
_requestFailed
RequestFailed
ServiceConfigurationCreated
SessionSecurityTokenCreated
SessionSecurityTokenReceived
SigningOut
SignedOut
SignOutError
SecurityTokenReceived
SecurityTokenValidated
SignedIn
SignInError
RedirectingToIdentityProvider
AuthorizationFailed
CheckedChanged
GetAction
ID0001
ID0002
ID0003
ID0005
ID0006
ID0007
ID0008
ID0009
ID0010
ID0011
ID0012
ID0013
ID0014
ID0015
ID0016
ID0017
ID0018
ID0019
ID0020
ID0021
ID0022
ID1001
ID1002
ID1003
ID1004
ID1005
ID1012
ID1013
ID1014
ID1016
ID1020
ID1022
ID1024
ID1025
ID1027
ID1028
ID1029
ID1030
ID1032
ID1033
ID1034
ID1035
ID1036
ID1037
ID1038
ID1039
ID1043
ID1044
ID1045
ID1046
ID1047
ID1048
ID1050
ID1052
ID1053
ID1054
ID1055
ID1056
ID1057
ID1058
ID1059
ID1060
ID1061
ID1062
ID1063
ID1064
ID1065
ID1066
ID1067
ID1068
ID1069
ID1070
ID1071
ID1072
ID1073
ID1074
ID2000
ID2001
ID2002
ID2003
ID2004
ID2005
ID2007
ID2008
ID2009
ID2010
ID2011
ID2012
ID2013
ID2014
ID2015
ID2016
ID2017
ID2018
ID2027
ID2028
ID2029
ID2030
ID2037
ID2039
ID2041
ID2042
ID2043
ID2044
ID2045
ID2046
ID2047
ID2048
ID2049
ID2050
ID2051
ID2052
ID2053
ID2055
ID2056
ID2057
ID2058
ID2059
ID2064
ID2069
ID2070
ID2072
ID2073
ID2074
ID2075
ID2076
ID2077
ID2078
ID2079
ID2080
ID2081
ID2082
ID2083
ID2084
ID2085
ID2086
ID2087
ID2088
ID2089
ID2090
ID2091
ID2092
ID2093
ID2094
ID2095
ID2096
ID2097
ID2098
ID2099
ID2100
ID2101
ID2102
ID2103
ID2104
ID3000
ID3001
ID3002
ID3003
ID3004
ID3005
ID3006
ID3007
ID3009
ID3010
ID3011
ID3012
ID3013
ID3014
ID3015
ID3016
ID3017
ID3019
ID3020
ID3021
ID3022
ID3023
ID3024
ID3025
ID3026
ID3027
ID3029
ID3030
ID3031
ID3032
ID3033
ID3034
ID3035
ID3037
ID3039
ID3040
ID3041
ID3042
ID3043
ID3044
ID3045
ID3046
ID3047
ID3049
ID3050
ID3051
ID3052
ID3053
ID3054
ID3057
ID3059
ID3060
ID3061
ID3062
ID3063
ID3064
ID3065
ID3066
ID3067
ID3068
ID3069
ID3070
ID3074
ID3079
ID3080
ID3082
ID3087
ID3089
ID3091
ID3092
ID3094
ID3095
ID3096
ID3097
ID3098
ID3112
ID3113
ID3114
ID3115
ID3116
ID3117
ID3123
ID3124
ID3125
ID3126
ID3127
ID3128
ID3129
ID3130
ID3135
ID3136
ID3137
ID3138
ID3139
ID3140
ID3141
ID3142
ID3143
ID3144
ID3146
ID3147
ID3148
ID3149
ID3150
ID3151
ID3152
ID3153
ID3154
ID3155
ID3156
ID3157
ID3158
ID3159
ID3160
ID3161
ID3162
ID3163
ID3164
ID3165
ID3166
ID3171
ID3172
ID3173
ID3174
ID3175
ID3176
ID3177
ID3178
ID3179
ID3180
ID3181
ID3182
ID3183
ID3184
ID3185
ID3186
ID3187
ID3188
ID3189
ID3190
ID3191
ID3192
ID3193
ID3194
ID3195
ID3196
ID3197
ID3198
ID3199
ID3200
ID3201
ID3202
ID3203
ID3204
ID3205
ID3206
ID3207
ID3208
ID3209
ID3210
ID3211
ID3212
ID3215
ID3216
ID3217
ID3218
ID3219
ID3220
ID3221
ID3222
ID3223
ID3224
ID3225
ID3226
ID3227
ID3228
ID3233
ID3234
ID3235
ID3236
ID3237
ID3238
ID3239
ID3240
ID3241
ID3242
ID3243
ID3244
ID3245
ID3246
ID3247
ID3248
ID3249
ID3250
ID3251
ID3252
ID3253
ID3254
ID3255
ID3256
ID3257
ID3258
ID3259
ID3260
ID3261
ID3262
ID3263
ID3264
ID3265
ID3266
ID3267
ID3268
ID3269
ID3270
ID3272
ID3273
ID3274
ID3275
ID3276
ID3277
ID3278
ID3279
ID3280
ID3281
ID3282
ID3283
ID3284
ID3285
ID3286
ID3287
ID4001
ID4002
ID4003
ID4004
ID4005
ID4007
ID4008
ID4010
ID4011
ID4013
ID4014
ID4020
ID4022
ID4023
ID4024
ID4025
ID4028
ID4029
ID4030
ID4031
ID4034
ID4035
ID4036
ID4037
ID4038
ID4039
ID4040
ID4041
ID4046
ID4050
ID4051
ID4052
ID4053
ID4056
ID4058
ID4059
ID4060
ID4061
ID4062
ID4063
ID4064
ID4065
ID4066
ID4067
ID4068
ID4069
ID4070
ID4071
ID4072
ID4073
ID4075
ID4076
ID4077
ID4078
ID4079
ID4080
ID4081
ID4082
ID4083
ID4084
ID4085
ID4086
ID4087
ID4088
ID4089
ID4090
ID4091
ID4092
ID4093
ID4094
ID4095
ID4096
ID4097
ID4098
ID4099
ID4200
ID4201
ID4202
ID4203
ID4204
ID4205
ID4206
ID4207
ID4208
ID4209
ID4210
ID4211
ID4212
ID4213
ID4216
ID4217
ID4218
ID4220
ID4221
ID4222
ID4223
ID4224
ID4225
ID4227
ID4229
ID4230
ID4232
ID4234
ID4237
ID4239
ID4240
ID4242
ID4243
ID4244
ID4245
ID4248
ID4249
ID4250
ID4251
ID4252
ID4254
ID4255
ID4256
ID4257
ID4258
ID4259
ID4260
ID4261
ID4262
ID4263
ID4264
ID4265
ID4266
ID4267
ID4268
ID4269
ID4270
ID4271
ID4272
ID4273
ID4274
ID4275
ID4276
ID4277
ID4278
ID4279
ID4280
ID4281
ID4282
ID4283
ID4284
ID4285
ID4286
ID4287
ID4289
ID4290
ID4291
ID4100
ID4101
ID4102
ID4104
ID4105
ID4106
ID4107
ID4108
ID4110
ID4111
ID4112
ID4113
ID4114
ID4115
ID4116
ID4117
ID4118
ID4119
ID4120
ID4121
ID4122
ID4123
ID4124
ID4125
ID4126
ID4127
ID4128
ID4129
ID4130
ID4131
ID4132
ID4133
ID4134
ID4136
ID4138
ID4139
ID4140
ID4141
ID4142
ID4147
ID4148
ID4149
ID4150
ID4151
ID4152
ID4153
ID4154
ID4157
ID4158
ID4159
ID4160
ID4161
ID4162
ID4172
ID4173
ID4174
ID4175
ID4176
ID4177
ID4178
ID4179
ID4180
ID4181
ID4182
ID4183
ID4184
ID4185
ID4187
ID4188
ID4189
ID4190
ID4191
ID4192
ID4193
ID5001
ID5002
ID5003
ID5004
ID5005
ID5007
ID5008
ID5014
ID5015
ID5016
ID5020
ID5022
ID5023
ID5024
ID6000
ID6001
ID6002
ID6003
ID6004
ID6005
ID6006
ID6007
ID6008
ID6009
ID6010
ID6011
ID6012
ID6013
ID6014
ID6015
ID6016
ID6017
ID6018
ID6019
ID6020
ID6021
ID6022
ID6023
ID6024
ID6025
ID6027
ID6028
ID6029
ID6030
ID6031
ID6033
ID6034
ID6035
ID6036
ID6037
ID6038
ID6039
ID6040
ID6041
ID6042
ID6043
ID6044
ID6045
ID6046
ID6047
ID6048
ID7000
ID7001
ID7002
ID7004
ID7006
ID7005
ID7007
ID7008
ID7009
ID7010
ID7011
ID7012
ID7013
ID7015
ID7017
ID7018
ID7019
ID7021
ID7022
ID7023
ID7024
ID7025
ID7026
ID7027
ID7028
NoCert
GivenNameText
SurnameText
EmailAddressText
StreetAddressText
LocalityText
StateOrProvinceText
PostalCodeText
CountryText
HomePhoneText
OtherPhoneText
MobilePhoneText
DateOfBirthText
GenderText
PPIDText
WebPageText
NameText
RoleText
GivenNameDescription
SurnameDescription
EmailAddressDescription
StreetAddressDescription
LocalityDescription
StateOrProvinceDescription
PostalCodeDescription
CountryDescription
HomePhoneDescription
OtherPhoneDescription
MobilePhoneDescription
DateOfBirthDescription
GenderDescription
PPIDDescription
WebPageDescription
NameDescription
RoleDescription
Category_Action
Category_Appearance
Category_Behavior
Category_FederatedPassive
Category_Layout
Category_Styles
SignIn_RedirectingToIdentityProvider
SignIn_SignedIn
SignIn_TokenReceived
SignIn_TokenValidated
SignIn_SessionTokenCreated
SignIn_DefaultErrorText
SignIn_DefaultSignInText
SignIn_DefaultTitleText
SignIn_TitleText
SignIn_DestinationPageUrl
SignIn_SignInError
SignIn_ErrorAction
SignIn_ErrorText
SignIn_Orientation
SignIn_RequireHttps
SignIn_SignInImageUrl
SignIn_SignInButtonStyle
SignIn_SignInButtonType
SignIn_SignInText
SignIn_SignInContext
SignIn_BorderPadding
SignIn_TitleTextStyle
SignIn_ErrorTextStyle
SignIn_VisibleWhenSignedIn
SignIn_AutoSignIn
SignIn_SignInMode
SignIn_DefaultRememberMeText
SignIn_DisplayRememberMe
SignIn_RememberMeSet
SignIn_RememberMeText
SignIn_CheckBoxStyle
SignIn_ShowButtonImage
SignIn_InvokeFedUtil
SignIn_InvokeFedUtilError
SignIn_InvokeFedUtilErrorConfigProperty
SignIn_InvokeFedUtilErrorGeneric
SimpleButton_OnClientClick
SignInStatus_SignInText
SignInStatus_SignOutPageUrl
SignInStatus_SignOutAction
SignInStatus_SignOutText
SignInStatus_SignedOut
SignInStatus_SigningOut
SignInStatus_SignOutError
SignInStatus_DefaultSignInText
SignInStatus_DefaultSignOutText
SignInStatus_SignInButtonType
SignInStatus_SignInImageUrl
SignInStatus_SignOutImageUrl
SignInStatus_SignedOutView
SignInStatus_SignedInView
FederatedPassiveSignIn_HomeRealm
FederatedPassiveSignIn_Issuer
FederatedPassiveSignIn_Realm
FederatedPassiveSignIn_Reply
FederatedPassiveSignIn_Resource
FederatedPassiveSignIn_Request
FederatedPassiveSignIn_RequestPtr
FederatedPassiveSignIn_Freshness
FederatedPassiveSignIn_AuthenticationType
FederatedPassiveSignIn_Policy
FederatedPassiveSignIn_SignInQueryString
FederatedPassiveSignIn_UseFederationPropertiesFromConfiguration
FederatedPassiveSignIn_PropertySetWarning
FederatedPassiveSignIn_UseFederationPropertiesSet
FederatedPassiveSignIn_Property_Information
WebControls_Views
WebControls_ViewsDescription
HtmlPostTitle
HtmlPostNoScriptButtonText
HtmlPostNoScriptMessage
EventLogTraceFailedWithExceptionMessage
EventLogTraceFailedWithoutExceptionMessage
TraceUnhandledException
TraceHandledException
TraceAppDomainUnload
TracePassiveOperationProcessRequest
TraceDigestOfReference
TraceUnableToWriteToken
TraceValidateToken
TraceSetPrincipalFromSessionToken
TraceSetPrincipalOnEvaluationContext
TraceResponseRedirect
TraceResponseRedirectNotTrusted
TraceOnEndRequestRedirect
TraceAuthorize
TraceOnAuthorizeRequestFailed
TraceOnAuthorizeRequestSucceed
TraceGetReturnUrlFromResponse
TraceRedirectArgsSignInRequestMessageRequestUrl
TraceSignInWithResponseMessage
TraceChunkedCookieHandlerWriting
TraceChunkedCookieHandlerReading
TraceChunkedCookieHandlerDeleting
ID8000
ID8001
ID8002
ID8003
ID8004
ID8005
ID8006
ID8007
ID8008
ID8012
ID8013
ID8020
ID8021
ID8022
ID8023
ID8024
s_instance
s_syncRoot
_items
_capacity
_purgeInterval
_readWriteLock
_lastPurgeTime
_instance
_fipsPolicyRegistryKey
WindowsVistaMajorNumber
_syncObject
_fipsPolicyState
_random
Accepted
Generated
Instance
SoapSenderFaultCode
_exceptionMap
_maxKeyIterations
_owner
DefaultTokenCacheSize
_maximumSize
_mruEntry
_mruList
_sizeAfterPurge
_syncRoot
value__
ERROR_SUCCESS
ERROR_INSUFFICIENT_BUFFER
ERROR_NO_TOKEN
ERROR_NONE_MAPPED
NameUnknown
NameFullyQualifiedDN
NameSamCompatible
NameDisplay
NameUniqueId
NameCanonical
NameUserPrincipalName
NameCanonicalEx
NameServicePrincipalName
NameDnsDomainName
TokenUser
TokenGroups
TokenPrivileges
TokenOwner
TokenPrimaryGroup
TokenDefaultDacl
TokenSource
TokenType
TokenImpersonationLevel
TokenStatistics
TokenRestrictedSids
TokenSessionId
TokenGroupsAndPrivileges
TokenSessionReference
TokenSandBoxInert
Attributes
SizeOf
GroupCount
Groups
PrimaryGroup
LowPart
HighPart
PrivilegeCount
Privilege
Length
MaxLength
Buffer
MessageType
UserPrincipalName
DomainName
CertificateLength
Certificate
TOKEN_SOURCE_LENGTH
SourceIdentifier
KerbInteractiveLogon
KerbSmartCardLogon
KerbWorkstationUnlockLogon
KerbSmartCardUnlockLogon
KerbProxyLogon
KerbTicketLogon
KerbTicketUnlockLogon
KerbS4ULogon
KerbCertificateLogon
KerbCertificateS4ULogon
KerbCertificateUnlockLogon
PagedPoolLimit
NonPagedPoolLimit
MinimumWorkingSetSize
MaximumWorkingSetSize
PagefileLimit
TimeLimit
Anonymous
Identification
Impersonation
Delegation
TokenPrimary
TokenImpersonation
Interactive
Network
Service
Unlock
TOKEN_READ
TOKEN_IMPERSONATE
ADVAPI32
KERNEL32
SECUR32
STATUS_ACCOUNT_RESTRICTION
KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS
ERROR_ACCESS_DENIED
ERROR_BAD_LENGTH
SE_GROUP_ENABLED
SE_GROUP_USE_FOR_DENY_ONLY
SE_GROUP_LOGON_ID
LsaSourceName
LsaKerberosName
_properties
SeAuditPrivilege
SeTcbPrivilege
SE_PRIVILEGE_DISABLED
SE_PRIVILEGE_ENABLED_BY_DEFAULT
SE_PRIVILEGE_ENABLED
SE_PRIVILEGE_USED_FOR_ACCESS
ERROR_NOT_ALL_ASSIGNED
_luids
_privilege
_needToRevert
_initialEnabled
_isImpersonating
_threadToken
Prefix
NamespaceUri
ClaimValueTypeSerializationPrefix
ClaimValueTypeSerializationPrefixWithColon
RandomSaltSize
NcNamePrefix
UuidUriPrefix
_reusableUuid
_optimizedNcNamePrefix
DefaultChainPolicyOID
_useMachineContext
_chainPolicy
_chainPolicyOID
_certificateValidationMode
_validator
LanguageNamespaceUri
LanguagePrefix
LanguageLocalname
LanguageAttribute
_action
_resource
_principal
_address
_authContexts
_dnsName
_notOnOrAfter
_session
Namespace
HardwareToken
Kerberos
Password
SecureRemotePassword
Signature
Smartcard
SmartcardPki
TlsClient
Unspecified
Windows
Saml11
Federation
Negotiate
_issuer
_originalIssuer
_subject
_value
_valueType
_claims
CS$<>9__CachedAnonymousMethodDelegate1
CS$<>9__CachedAnonymousMethodDelegate3
_claimSets
_expirationTime
DefaultNameClaimType
DefaultIssuer
_authenticationType
_actor
_label
_nameClaimType
_roleClaimType
_bootstrapToken
_bootstrapTokenString
_collection
ActorKey
AuthenticationTypeKey
BootstrapTokenKey
ClaimsKey
LabelKey
NameClaimTypeKey
RoleClaimTypeKey
_context
SamlAttributeDisplayName
SamlAttributeNameFormat
SamlNameIdentifierFormat
SamlNameIdentifierNameQualifier
SamlNameIdentifierSpNameQualifier
SamlNameIdentifierSpProvidedId
_identities
_resourceActions
_operation