IssuedTokenServiceCredential.AllowUntrustedRsaIssuers Property


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Gets or sets a value indicating whether to allow untrusted RSA token issuers.

Namespace:   System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public bool AllowUntrustedRsaIssuers { get; set; }

Property Value

Type: System.Boolean

true if untrusted RSA token issuers are allowed; otherwise, false. The default is false.

Exception Condition

Trying to change a read-only token.

The following code shows one way to access and set this property.

// This method configures the IssuedTokenAuthentication property of a ServiceHost.
public static void ConfigureIssuedTokenServiceCredentials( 
       ServiceHost sh, bool allowCardspaceTokens, IList<X509Certificate2> knownissuers, 
       X509CertificateValidationMode certMode, X509RevocationMode revocationMode, SamlSerializer ser )
  // Allow CardSpace tokens.
  sh.Credentials.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = allowCardspaceTokens;

  // Set up known issuer certificates.
  foreach(X509Certificate2 cert in knownissuers)
	sh.Credentials.IssuedTokenAuthentication.KnownCertificates.Add ( cert );

  // Set issuer certificate validation and revocation checking modes.
  sh.Credentials.IssuedTokenAuthentication.CertificateValidationMode = 
     sh.Credentials.IssuedTokenAuthentication.RevocationMode = X509RevocationMode.Online;
     sh.Credentials.IssuedTokenAuthentication.TrustedStoreLocation = StoreLocation.LocalMachine;

  // Set the SamlSerializer, if one is specified.
  if ( ser != null )
	sh.Credentials.IssuedTokenAuthentication.SamlSerializer = ser;

.NET Framework
Available since 3.0
Return to top