IssuedTokenServiceCredential.AllowUntrustedRsaIssuers Property

Definition

Gets or sets a value indicating whether to allow untrusted RSA token issuers.

public:
 property bool AllowUntrustedRsaIssuers { bool get(); void set(bool value); };
public bool AllowUntrustedRsaIssuers { get; set; }
member this.AllowUntrustedRsaIssuers : bool with get, set
Public Property AllowUntrustedRsaIssuers As Boolean

Property Value

true if untrusted RSA token issuers are allowed; otherwise, false. The default is false.

Exceptions

Trying to change a read-only token.

Examples

The following code shows one way to access and set this property.

// This method configures the IssuedTokenAuthentication property of a ServiceHost.
public static void ConfigureIssuedTokenServiceCredentials(
    ServiceHost sh, bool allowCardspaceTokens, IList<X509Certificate2> knownissuers,
    X509CertificateValidationMode certMode, X509RevocationMode revocationMode, SamlSerializer ser )
{
  // Allow CardSpace tokens.
  sh.Credentials.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = allowCardspaceTokens;

  // Set up known issuer certificates.
  foreach(X509Certificate2 cert in knownissuers)
    sh.Credentials.IssuedTokenAuthentication.KnownCertificates.Add ( cert );

  // Set issuer certificate validation and revocation checking modes.
  sh.Credentials.IssuedTokenAuthentication.CertificateValidationMode =
      X509CertificateValidationMode.PeerOrChainTrust;
  sh.Credentials.IssuedTokenAuthentication.RevocationMode = X509RevocationMode.Online;
  sh.Credentials.IssuedTokenAuthentication.TrustedStoreLocation = StoreLocation.LocalMachine;

  // Set the SamlSerializer, if one is specified.
  if ( ser != null )
    sh.Credentials.IssuedTokenAuthentication.SamlSerializer = ser;
}
' This method configures the IssuedTokenAuthentication property of a ServiceHost.
Public Shared Sub ConfigureIssuedTokenServiceCredentials( _
    ByVal sh As ServiceHost, _
    ByVal allowCardspaceTokens As Boolean, _
    ByVal knownissuers As IList(Of X509Certificate2), _
    ByVal certMode As X509CertificateValidationMode, _
    ByVal revocationMode As X509RevocationMode, _
    ByVal ser As SamlSerializer _
    )
    ' Allow CardSpace tokens.
    sh.Credentials.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = _
    allowCardspaceTokens

    ' Set up known issuer certificates.
    Dim cert As X509Certificate2
    For Each cert In knownissuers
        sh.Credentials.IssuedTokenAuthentication.KnownCertificates.Add(cert)
    Next cert
    ' Set issuer certificate validation and revocation checking modes.
    sh.Credentials.IssuedTokenAuthentication.CertificateValidationMode = _
        X509CertificateValidationMode.PeerOrChainTrust
    sh.Credentials.IssuedTokenAuthentication.RevocationMode = _
    X509RevocationMode.Online

    ' Set the SamlSerializer, if one is specified.
    If Not (ser Is Nothing) Then
        sh.Credentials.IssuedTokenAuthentication.SamlSerializer = ser
    End If
End Sub

Applies to