UsernameTokenManager.VerifyHashedPassword Method
Verifies the password for a UsernameToken security token in a received SOAP message that is hashed.
Namespace: Microsoft.Web.Services2.Security.Tokens
Assembly: Microsoft.Web.Services2 (in microsoft.web.services2.dll)
Usage
'Usage
Public Class usernameTokenManagerImplementation
Inherits UsernameTokenManager
Protected Overrides Sub VerifyHashedPassword(token As UsernameToken, _
authenticatedPassword As String)
MyBase.VerifyHashedPassword(token, authenticatedPassword)
End Sub
End Class
Syntax
'Declaration
Protected Overridable Sub VerifyHashedPassword( _
ByVal token As UsernameToken, _
ByVal authenticatedPassword As String _
)
protected virtual void VerifyHashedPassword(
UsernameToken token,
string authenticatedPassword
);
protected: Void VerifyHashedPassword(
UsernameToken^ token,
String^ authenticatedPassword
);
protected void VerifyHashedPassword(
UsernameToken token,
System.String authenticatedPassword
);
protected function VerifyHashedPassword(
token : UsernameToken,
authenticatedPassword : String
);
Parameters
- token
The UsernameToken contained within the SOAP message.
- authenticatedPassword
The hashed password to match against the one received in the SOAP message.
Exceptions
| Exception type | Condition |
|---|---|
| System.Exception | The hashed password in the SOAP message does not match the authenticatedPassword parameter. -or- The password was in the SOAP message and was not sent hashed. -or- authenticatedPassword is null. |
| System.ArgumentNullException | token is null. |
Remarks
When a SOAP message is received that contains a UsernameToken, WSE uses the UsernameTokenManager security token manager to process the contents of the security token. During that process, the UsernameTokenManager calls the VerifyToken method to verify the validity of the token, which in turn conditionally calls the AuthenticateToken method and then the VerifyPassword method. The VerifyPassword method verifies the password portion of the security token. If the password is not valid an exception is thrown.
The default implementation of the VerifyPassword method verifies the validity of the password for a UsernameToken in a SOAP message based on how the password is sent in the SOAP message. If the password is sent hashed, VerifyPassword calls the VerifyHashedPasswordmethod. If the password is sent in the SOAP message in plain text, the VerifyPassword method calls the VerifyPlainTextPassword method. If there is no password sent in the SOAP message, VerifyPassword verifies that AuthenticateToken successfully retrieved a non-null password.
Thread Safety
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Platforms
Development Platforms
Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Windows Longhorn, and Windows 2000
Target Platforms
Windows 2000, Windows 2000 Server, Windows 2000 Advanced Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003, Windows Longhorn, Pocket PC, Windows CE, Smart Phone
See Also
Reference
UsernameTokenManager Class
Microsoft.Web.Services2.Security.Tokens Namespace
UsernameToken
PasswordOption
VerifyPassword
VerifyPlainTextPassword
VerifyToken
AuthenticateToken