UserNameSecurityTokenAuthenticator.ValidateUserNamePasswordCore Method

Definition

When overridden in a derived class, authenticates the specified user name and password and returns the set of authorization policies for UserNameSecurityToken security tokens.

C#
protected abstract System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Policy.IAuthorizationPolicy> ValidateUserNamePasswordCore (string userName, string password);

Parameters

userName
String

The user name associated with the security token.

password
String

The password associated with the security token.

Returns

A ReadOnlyCollection<T> of type IAuthorizationPolicy that contains the set of authorization policies in effect for this application.

Examples

C#
protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateUserNamePasswordCore(string userName, string password)
{
    if (!ValidateUserNameFormat(userName))
        throw new SecurityTokenValidationException("Incorrect UserName format");

    ClaimSet claimSet = new DefaultClaimSet(ClaimSet.System, new Claim(ClaimTypes.Name, userName, Rights.PossessProperty));
    List<IIdentity> identities = new List<IIdentity>(1);
    identities.Add(new GenericIdentity(userName));
    List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>(1);
    policies.Add(new UnconditionalPolicy(ClaimSet.System, claimSet, DateTime.MaxValue.ToUniversalTime(), identities));
    return policies.AsReadOnly();
}

Remarks

Override the ValidateUserNamePasswordCore method to authenticate UserNameSecurityToken security tokens.

When the ValidateUserNamePasswordCore method is overridden, follow these guidelines:

When this method returns null, Windows Communication Foundation throws a SecurityTokenValidationException exception.

Applies to

Продукт Версии
.NET Framework 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1