Export (0) Print
Expand All

UserNameSecurityTokenAuthenticator.ValidateUserNamePasswordCore Method

When overridden in a derived class, authenticates the specified user name and password and returns the set of authorization policies for UserNameSecurityToken security tokens.

Namespace:  System.IdentityModel.Selectors
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

protected abstract ReadOnlyCollection<IAuthorizationPolicy> ValidateUserNamePasswordCore(
	string userName,
	string password


Type: System.String

The user name associated with the security token.

Type: System.String

The password associated with the security token.

Return Value

Type: System.Collections.ObjectModel.ReadOnlyCollection<IAuthorizationPolicy>
A ReadOnlyCollection<T> of type IAuthorizationPolicy that contains the set of authorization policies in effect for this application.

Override the ValidateUserNamePasswordCore method to authenticate UserNameSecurityToken security tokens.

When the ValidateUserNamePasswordCore method is overridden, follow these guidelines:

When null is returned by this method, Windows Communication Foundation (WCF) throws the SecurityTokenValidationException exception.

protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateUserNamePasswordCore(string userName, string password)
    if (!ValidateUserNameFormat(userName))
        throw new SecurityTokenValidationException("Incorrect UserName format");

    ClaimSet claimSet = new DefaultClaimSet(ClaimSet.System, new Claim(ClaimTypes.Name, userName, Rights.PossessProperty));
    List<IIdentity> identities = new List<IIdentity>(1);
    identities.Add(new GenericIdentity(userName));
    List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>(1);
    policies.Add(new UnconditionalPolicy(ClaimSet.System, claimSet, DateTime.MaxValue.ToUniversalTime(), identities));
    return policies.AsReadOnly();

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1
© 2015 Microsoft