Represents an issuer name registry that maintains a list of trusted issuers loaded from elements in the application configuration file that associate each issuer name to the X.509 certificate that is needed to verify the signature of tokens produced by the issuer.
Assembly: System.IdentityModel (in System.IdentityModel.dll)
Initializes a new instance of theclass.
Gets the dictionary of trusted issuers that have been configured for this instance.
Adds an issuer to the dictionary of trusted issuers.
Determines whether the specified object is equal to the current object.(Inherited from Object.)
Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)
Serves as the default hash function. (Inherited from Object.)
When overridden in a derived class, returns the name of the issuer of the specified security token. The specified issuer name may be considered in determining the issuer name to return.(Inherited from IssuerNameRegistry.)
Returns the default issuer name to be used for Windows claims.(Inherited from IssuerNameRegistry.)
Loads the trusted issuers from configuration.(Overrides IssuerNameRegistry.LoadCustomConfiguration(XmlNodeList).)
Returns a string that represents the current object.(Inherited from Object.)
The ConfiguredTrustedIssuers property. The class can only resolve X.509 certificates.class maintains a dictionary of trusted issuers by mapping the certificate of each trusted issuer to a name that refers to that issuer. The certificates are specified using the ASN.1 encoded form of the thumbprint. The issuer name can be any string, as long as it is unique within the scope of the application. This dictionary can be accessed through the
The map of trusted issuers is specified in a configuration file by adding entries under the <trustedIssuers> element. The <trustedIssuers> element is a child element of the <issuerNameRegistry> element and it is valid when the class is specified in the type attribute of that element. For more information, see the documentation for each of these elements in the Windows Identity Foundation Configuration Schema. For more information about issuer name registries, see the IssuerNameRegistry class.
You can derive from LoadCustomConfiguration method to load configuration from a custom configuration schema.to implement your own configuration based issuer name registry. Which methods you override will depend upon your implementation. For example, you can override the
The following XML shows configuration for aadded for a collection of security token handlers. The <trustedIssuers> element behaves like a classic .NET configuration collection, allowing the <add>, <delete> and <clear> elements as child elements.
<system.identityModel> <identityConfiguration> <securityTokenHandlersCollection> <securityTokenHandlerConfiguration> <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel"> <trustedIssuers> <add thumbprint="97249e … 158de" name="contoso.com" /> </trustedIssuers> </issuerNameRegistry> </securityTokenHandlerConfiguration> </identityConfiguration> </system.identityModel>
Available since 4.5
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.