Export (0) Print
Expand All

<issuerTokenResolver>

.NET Framework 4.5

Registers the issuer token resolver that is used by handlers in the token handler collection. The issuer token resolver is used to resolve the signing token on incoming tokens and messages.

<system.identityModel>
  <identityConfiguration>
    <securityTokenHandlers>
      <securityTokenHandlerConfiguration>
        <issuerTokenResolver>
<system.identityModel>
  <identityConfiguration>
    <securityTokenHandlers>
      <securityTokenHandlerConfiguration>
        <issuerTokenResolver type=xs:string>
        </issuerTokenResolver>
      </securityTokenHandlerConfiguration>
    </securityTokenHandlers>
  </identityConfiguration>
</system.identityModel>

The following sections describe attributes, child elements, and parent elements.

Attributes

Attribute

Description

type

Specifies the type of the issuer token resolver. Must be either the IssuerTokenResolver class or a type that derives from the IssuerTokenResolver class. For more information about how to specify the type attribute, see Custom Type References. Required.

Child Elements

None

Parent Elements

Element

Description

<securityTokenHandlerConfiguration>

Provides configuration for a collection of security token handlers.

The issuer token resolver is used to resolve the signing token on incoming tokens and messages. It is used to retrieve the cryptographic material that is used for checking the signature. You must specify the type attribute. The type specified can be either IssuerTokenResolver or a custom type that derives from the IssuerTokenResolver class.

Some token handlers allow you to specify issuer token resolver settings in configuration. Settings on individual token handlers override those specified on the security token handler collection.

NoteNote

Specifying the <issuerTokenResolver> element as a child element of the <identityConfiguration> element has been deprecated, but is still supported for backward compatibility. Settings on the <securityTokenHandlerConfiguration> element override those on the <identityConfiguration> element.

The following XML shows configuration for an issuer token resolver that is based on a custom class that derives from IssuerTokenResolver. The token resolver maintains a dictionary of audience-key pairs that is initialized from a custom configuration element (<AddAudienceKeyPair>) defined for the class. The class overrides the LoadCustomConfiguration method to process this element. The override is shown in the following example; however, the methods it calls are not shown for brevity. For the complete example, see the CustomToken sample.

      <issuerTokenResolver type="SimpleWebToken.CustomIssuerTokenResolver, SimpleWebToken">
        <AddAudienceKeyPair  symmetricKey="wAVkldQiFypTQ+kdNdGWCYCHRcee8XmXxOvgmak8vSY=" audience="http://localhost:19851/" />
      </issuerTokenResolver>
        public override void LoadCustomConfiguration(System.Xml.XmlNodeList nodelist)
        {
            foreach (XmlNode node in nodelist)
            {
                XmlDictionaryReader rdr = XmlDictionaryReader.CreateDictionaryReader(new XmlTextReader(new StringReader(node.OuterXml)));
                rdr.MoveToContent();
                
                string symmetricKey = rdr.GetAttribute("symmetricKey");
                string audience = rdr.GetAttribute("audience");
                
                this.AddAudienceKeyPair(audience, symmetricKey);
            }
        }
Show:
© 2014 Microsoft