Export (0) Print
Expand All

ValidatingIssuerNameRegistry Class

Represents a class that validates security token issuer names.

System.IdentityModel.Tokens.IssuerNameRegistry
  System.IdentityModel.Tokens.ValidatingIssuerNameRegistry

Namespace:  System.IdentityModel.Tokens
Assembly:  System.IdentityModel.Tokens.ValidatingIssuerNameRegistry (in System.IdentityModel.Tokens.ValidatingIssuerNameRegistry.dll)

public class ValidatingIssuerNameRegistry : IssuerNameRegistry

The ValidatingIssuerNameRegistry type exposes the following members.

  NameDescription
Public methodValidatingIssuerNameRegistry()Instantiates a new ValidatingIssuerNameRegistry object with no IssuingAuthorities.
Public methodValidatingIssuerNameRegistry(IEnumerable<IssuingAuthority>)Instantiates a new ValidatingIssuerNameRegistry object with an enumeration of issuing authorities.
Public methodValidatingIssuerNameRegistry(IssuingAuthority)Instantiates a new ValidatingIssuerNameRegistry object with one [IssuingAuthority].
Top

  NameDescription
Public propertyIssuingAuthoritiesGets the issuing authorities.
Top

  NameDescription
Protected methodCreateIssuingAuthorityA factory method that is called from LoadAuthority to enable the use of a custom [IssuingAuthority].
Public methodGetIssuerName(SecurityToken)This method is not supported. Call the overload GetIssuerName instead.
Public methodGetIssuerName(SecurityToken, String)Returns the name of the security token issuer.
Public methodStatic memberGetIssuingAuthorityCalls out to the metadata address and returns an [IssuingAuthority] with the contents of keys and issuers found in the metadata.
Protected methodIsSymmetricKeyValidThis method can be called as part of a security token validating sequence where it is necessary to validate that the signer of a security token and the issuer of a security token are as expected.
Protected methodIsThumbprintValidCan be called as part of a security token validating sequence where it is necessary to validate that the signer of a security token and the issuer of a security token are as expected.
Protected methodLoadAuthorityParses the input and creates an IssuingAuthority.
Public methodLoadCustomConfigurationLoads a set of configuration elements for custom handling.
Public methodStatic memberWriteToConfigUpdates the application configuration with information obtained from a federation metadata document.
Top

Services that are responsible for issuing security tokens can sign the tokens using a Symmetric or an Asymmetric Key. Tokens can also contain a logical issuer, which may be different than the signer of the token.

ValidatingIssuerNameRegistry can be used as part of a token validation sequence to ensure that signer of a token and the token issuer are as expected.

ValidatingIssuerNameRegistry can be constructed from a web.config or app.config from the following xml:

<system.identityModel>
   <issuerNameRegistry type='derived from ValidatingIssuerNameRegistry'>
      <authority name='someFriendlyName'>
         <keys>
            <add thumbprint='caseInsensitiveString'/>
            <add symmetricKey='Base64Encoded bytes' />
         </keys>
         <validIssuers>
            <add name='issuer1'/>
            <add name='issuer2'/>
         </validIssuers>
      </authority>
   </issuerNameRegistry>
</system.identityModel>

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft