UserNameSecurityTokenAuthenticator Class
Authenticates a UserNameSecurityToken security token.
Assembly: System.IdentityModel (in System.IdentityModel.dll)
Override the UserNameSecurityTokenAuthenticator class to authenticate security tokens based on a user name and password.
The Windows Communication Foundation (WCF) ships with the following classes that provide support for authenticating UserNameSecurityToken security tokens.
| Type | Description |
|---|---|
| CustomUserNameSecurityTokenAuthenticator | Allows an application to provide a custom authentication scheme for user names and passwords. The authentication scheme is provided using a class deriving from the UserNamePasswordValidator class. |
| WindowsUserNameSecurityTokenAuthenticator | Authenticates the user name and password as a Windows account. |
Most custom authentication schemes can use the CustomUserNameSecurityTokenAuthenticator class and implement a class that derives from the UserNamePasswordValidator class. However, if additional flexibility is needed, you can derive a class from the UserNameSecurityTokenAuthenticator class and override the ValidateUserNamePasswordCore method.
```vb
Imports System
Imports System.Collections.Generic
Imports System.Collections.ObjectModel
Imports System.Text
Imports System.IdentityModel.Claims
Imports System.IdentityModel.Policy
Imports System.IdentityModel.Selectors
Imports System.IdentityModel.Tokens
Imports System.Security.Principal
Imports System.ServiceModel.Security
Imports System.Text.RegularExpressions

Class MyTokenAuthenticator
    Inherits UserNameSecurityTokenAuthenticator

    ' Placeholder check: always returns False, so no domain is ever rejected.
    Shared Function IsRogueDomain(ByVal domain As String) As Boolean
        Return False
    End Function 'IsRogueDomain

    ' Returns True when the input matches the e-mail address pattern below.
    Shared Function IsEmail(ByVal inputEmail As String) As Boolean
        Dim strRegex As String = "^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}" + _
            "\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\" + _
            ".)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$"
        Dim re As New Regex(strRegex)
        If re.IsMatch(inputEmail) Then
            Return True
        Else
            Return False
        End If
    End Function 'IsEmail

    ' Accepts only user names that are e-mail addresses from a non-rogue domain.
    Function ValidateUserNameFormat(ByVal UserName As String) As Boolean
        If Not IsEmail(UserName) Then
            Console.WriteLine("Not a valid email")
            Return False
        End If
        Dim emailAddress As String() = UserName.Split("@"c)
        Dim user As String = emailAddress(0)
        Dim domain As String = emailAddress(1)
        If IsRogueDomain(domain) Then
            Return False
        End If
        Return True
    End Function

    ' NOTE: this sample validates only the user-name format. The password
    ' parameter is never checked, so any password is accepted. An authenticator
    ' used in a real service must verify the password before returning policies.
    Protected Overrides Function ValidateUserNamePasswordCore(ByVal userName As String, ByVal password As String) As ReadOnlyCollection(Of IAuthorizationPolicy)
        If Not ValidateUserNameFormat(userName) Then
            Throw New SecurityTokenValidationException("Incorrect UserName format")
        End If

        ' Issue a Name claim and a generic identity for the caller.
        Dim setOfClaims As New DefaultClaimSet(ClaimSet.System, New Claim(ClaimTypes.Name, userName, Rights.PossessProperty))
        Dim identities As New List(Of IIdentity)(1)
        identities.Add(New GenericIdentity(userName))
        Dim policies As New List(Of IAuthorizationPolicy)(1)
        policies.Add(New UnconditionalPolicy(ClaimSet.System, setOfClaims, DateTime.MaxValue.ToUniversalTime(), identities))
        Return policies.AsReadOnly()
    End Function
End Class

' Authorization policy that unconditionally adds the supplied claim set and
' identities to the evaluation context.
Class UnconditionalPolicy
    Implements IAuthorizationPolicy

    Private idValue As String = Guid.NewGuid().ToString()
    Private issuerValue As ClaimSet
    Private issuance As ClaimSet
    Private expirationTimeValue As DateTime
    Private identities As IList(Of IIdentity)

    Public Sub New(ByVal issuer As ClaimSet, ByVal issuance As ClaimSet, ByVal expirationTime As DateTime, ByVal identities As IList(Of IIdentity))
        If issuer Is Nothing Then
            Throw New ArgumentNullException("issuer")
        End If
        If issuance Is Nothing Then
            Throw New ArgumentNullException("issuance")
        End If
        Me.issuerValue = issuer
        Me.issuance = issuance
        Me.identities = identities
        Me.expirationTimeValue = expirationTime
    End Sub

    Public ReadOnly Property Id() As String Implements IAuthorizationPolicy.Id
        Get
            Return Me.idValue
        End Get
    End Property

    Public ReadOnly Property Issuer() As ClaimSet Implements IAuthorizationPolicy.Issuer
        Get
            Return Me.issuerValue
        End Get
    End Property

    Public ReadOnly Property ExpirationTime() As DateTime
        Get
            Return Me.expirationTimeValue
        End Get
    End Property

    Public Function Evaluate(ByVal evalContext As EvaluationContext, ByRef state As Object) As Boolean Implements IAuthorizationPolicy.Evaluate
        evalContext.AddClaimSet(Me, Me.issuance)
        If Not (Me.identities Is Nothing) Then
            Dim value As Object = Nothing
            Dim contextIdentities As IList(Of IIdentity)
            If Not evalContext.Properties.TryGetValue("Identities", value) Then
                ' No identity list yet: create one and register it on the context
                ' so the identities added below are visible to the service.
                contextIdentities = New List(Of IIdentity)(Me.identities.Count)
                evalContext.Properties.Add("Identities", contextIdentities)
            Else
                contextIdentities = CType(value, IList(Of IIdentity))
            End If
            Dim identity As IIdentity
            For Each identity In Me.identities
                contextIdentities.Add(identity)
            Next identity
        End If
        evalContext.RecordExpirationTime(Me.expirationTimeValue)
        Return True
    End Function
End Class
```
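For the more common route described above, deriving from UserNamePasswordValidator, the following added example (not part of the original sample) verifies the password against a stored salted hash. `StoredCredential`, `HashedPasswordValidator`, the in-memory dictionary store, and the PBKDF2 iteration count are assumptions made for illustration.

```vb
Imports System
Imports System.Collections.Generic
Imports System.IdentityModel.Selectors
Imports System.IdentityModel.Tokens
Imports System.Security.Cryptography

' Hypothetical credential record: per-user salt, PBKDF2 output and iteration count.
Class StoredCredential
    Public Salt As Byte()
    Public Hash As Byte()
    Public Iterations As Integer
End Class

Class HashedPasswordValidator
    Inherits UserNamePasswordValidator
    Private ReadOnly store As IDictionary(Of String, StoredCredential)
    ' Dummy record so unknown user names cost the same work as known ones.
    Private ReadOnly dummy As StoredCredential = CreateCredential("unused", 10000)

    Public Sub New(ByVal store As IDictionary(Of String, StoredCredential))
        If store Is Nothing Then Throw New ArgumentNullException("store")
        Me.store = store
    End Sub

    ' Enrollment helper: derives a hash from a fresh random 16-byte salt.
    Public Shared Function CreateCredential(ByVal password As String, ByVal iterations As Integer) As StoredCredential
        Dim c As New StoredCredential()
        c.Salt = New Byte(15) {}
        Dim rng As New RNGCryptoServiceProvider()
        rng.GetBytes(c.Salt)
        c.Iterations = iterations
        c.Hash = New Rfc2898DeriveBytes(password, c.Salt, iterations).GetBytes(20)
        Return c
    End Function

    Public Overrides Sub Validate(ByVal userName As String, ByVal password As String)
        If userName Is Nothing OrElse password Is Nothing Then Throw New ArgumentNullException()
        Dim cred As StoredCredential = Nothing
        Dim known As Boolean = store.TryGetValue(userName, cred)
        If Not known Then cred = dummy
        Dim candidate As Byte() = New Rfc2898DeriveBytes(password, cred.Salt, cred.Iterations).GetBytes(20)
        ' Compare without an early exit so timing does not reveal how many bytes matched.
        Dim diff As Integer = 0
        For i As Integer = 0 To candidate.Length - 1
            diff = diff Or (candidate(i) Xor cred.Hash(i))
        Next
        If diff <> 0 OrElse Not known Then
            Throw New SecurityTokenValidationException("Unknown user name or incorrect password.")
        End If
    End Sub
End Class
```

An instance of this validator is passed to the CustomUserNameSecurityTokenAuthenticator constructor. The same error message is used for an unknown user and a wrong password so that the response does not reveal which user names exist.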
System.IdentityModel.Selectors.SecurityTokenAuthenticator
System.IdentityModel.Selectors.UserNameSecurityTokenAuthenticator
System.IdentityModel.Selectors.CustomUserNameSecurityTokenAuthenticator
System.IdentityModel.Selectors.WindowsUserNameSecurityTokenAuthenticator
Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003
The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.