UserNameSecurityTokenAuthenticator.ValidateUserNamePasswordCore Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
When overridden in a derived class, authenticates the specified user name and password and returns the set of authorization policies for UserNameSecurityToken security tokens.
protected:
abstract System::Collections::ObjectModel::ReadOnlyCollection<System::IdentityModel::Policy::IAuthorizationPolicy ^> ^ ValidateUserNamePasswordCore(System::String ^ userName, System::String ^ password);protected abstract System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Policy.IAuthorizationPolicy> ValidateUserNamePasswordCore (string userName, string password);abstract member ValidateUserNamePasswordCore : string * string -> System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Policy.IAuthorizationPolicy>Protected MustOverride Function ValidateUserNamePasswordCore (userName As String, password As String) As ReadOnlyCollection(Of IAuthorizationPolicy)Parameters
- userName
- String
The user name associated with the security token.
- password
- String
The password associated with the security token.
Returns
A ReadOnlyCollection<T> of type IAuthorizationPolicy that contains the set of authorization policies in effect for this application.
Examples
protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateUserNamePasswordCore(string userName, string password)
{
if (!ValidateUserNameFormat(userName))
throw new SecurityTokenValidationException("Incorrect UserName format");
ClaimSet claimSet = new DefaultClaimSet(ClaimSet.System, new Claim(ClaimTypes.Name, userName, Rights.PossessProperty));
List<IIdentity> identities = new List<IIdentity>(1);
identities.Add(new GenericIdentity(userName));
List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>(1);
policies.Add(new UnconditionalPolicy(ClaimSet.System, claimSet, DateTime.MaxValue.ToUniversalTime(), identities));
return policies.AsReadOnly();
}
Protected Overrides Function ValidateUserNamePasswordCore(ByVal userName As String, ByVal password As String) As ReadOnlyCollection(Of IAuthorizationPolicy)
If Not ValidateUserNameFormat(userName) Then
Throw New SecurityTokenValidationException("Incorrect UserName format")
End If
Dim setOfClaims As New DefaultClaimSet(ClaimSet.System, New Claim(ClaimTypes.Name, userName, Rights.PossessProperty))
Dim identities As New List(Of IIdentity)(1)
identities.Add(New GenericIdentity(userName))
Dim policies As New List(Of IAuthorizationPolicy)(1)
policies.Add(New UnconditionalPolicy(ClaimSet.System, setOfClaims, DateTime.MaxValue.ToUniversalTime(), identities))
Return policies.AsReadOnly()
End Function 'New
End Class
Remarks
Override the ValidateUserNamePasswordCore method to authenticate UserNameSecurityToken security tokens.
When the ValidateUserNamePasswordCore method is overridden, follow these guidelines:
When the security token passed into the
tokenparameter cannot be validated, throw the SecurityTokenValidationException exception.When there are no authorization policies in effect for this application, return an empty ReadOnlyCollection<T> of type IAuthorizationPolicy.
When this method returns null, Windows Communication Foundation throws a SecurityTokenValidationException exception.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for