IssuedTokenServiceCredential.RevocationMode Property

Reference

Definition

Namespace:: System.ServiceModel.Security

Assembly:: System.ServiceModel.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Gets or sets the revocation mode.

public:
 property System::Security::Cryptography::X509Certificates::X509RevocationMode RevocationMode { System::Security::Cryptography::X509Certificates::X509RevocationMode get(); void set(System::Security::Cryptography::X509Certificates::X509RevocationMode value); };

public System.Security.Cryptography.X509Certificates.X509RevocationMode RevocationMode { get; set; }

member this.RevocationMode : System.Security.Cryptography.X509Certificates.X509RevocationMode with get, set

Public Property RevocationMode As X509RevocationMode

Property Value

X509RevocationMode

The revocation mode.

Examples

The following code shows one way to access and set this property.

// This method configures the IssuedTokenAuthentication property of a ServiceHost.
public static void ConfigureIssuedTokenServiceCredentials(
    ServiceHost sh, bool allowCardspaceTokens, IList<X509Certificate2> knownissuers,
    X509CertificateValidationMode certMode, X509RevocationMode revocationMode, SamlSerializer ser )
{
  // Allow CardSpace tokens.
  sh.Credentials.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = allowCardspaceTokens;

  // Set up known issuer certificates.
  foreach(X509Certificate2 cert in knownissuers)
    sh.Credentials.IssuedTokenAuthentication.KnownCertificates.Add ( cert );

  // Set issuer certificate validation and revocation checking modes.
  sh.Credentials.IssuedTokenAuthentication.CertificateValidationMode =
      X509CertificateValidationMode.PeerOrChainTrust;
  sh.Credentials.IssuedTokenAuthentication.RevocationMode = X509RevocationMode.Online;
  sh.Credentials.IssuedTokenAuthentication.TrustedStoreLocation = StoreLocation.LocalMachine;

  // Set the SamlSerializer, if one is specified.
  if ( ser != null )
    sh.Credentials.IssuedTokenAuthentication.SamlSerializer = ser;
}

' This method configures the IssuedTokenAuthentication property of a ServiceHost.
Public Shared Sub ConfigureIssuedTokenServiceCredentials( _
    ByVal sh As ServiceHost, _
    ByVal allowCardspaceTokens As Boolean, _
    ByVal knownissuers As IList(Of X509Certificate2), _
    ByVal certMode As X509CertificateValidationMode, _
    ByVal revocationMode As X509RevocationMode, _
    ByVal ser As SamlSerializer _
    )
    ' Allow CardSpace tokens.
    sh.Credentials.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = _
    allowCardspaceTokens

    ' Set up known issuer certificates.
    Dim cert As X509Certificate2
    For Each cert In knownissuers
        sh.Credentials.IssuedTokenAuthentication.KnownCertificates.Add(cert)
    Next cert
    ' Set issuer certificate validation and revocation checking modes.
    sh.Credentials.IssuedTokenAuthentication.CertificateValidationMode = _
        X509CertificateValidationMode.PeerOrChainTrust
    sh.Credentials.IssuedTokenAuthentication.RevocationMode = _
    X509RevocationMode.Online

    ' Set the SamlSerializer, if one is specified.
    If Not (ser Is Nothing) Then
        sh.Credentials.IssuedTokenAuthentication.SamlSerializer = ser
    End If
End Sub

Remarks

The X509RevocationMode is used to specify whether a revocation check occurs and if it is performed online or offline.

Applies to

다음을 통해 공유