Edit

Kongsi melalui


X509SecurityTokenAuthenticator.MapCertificateToWindowsAccount Property

Definition

Gets a value that indicates whether to map the X.509 certificate to a Windows account.

public:
 property bool MapCertificateToWindowsAccount { bool get(); };
public bool MapCertificateToWindowsAccount { get; }
member this.MapCertificateToWindowsAccount : bool
Public ReadOnly Property MapCertificateToWindowsAccount As Boolean

Property Value

true to map the X.509 certificate to a Windows account; otherwise, false.

Remarks

The MapCertificateToWindowsAccount property can only be set in a constructor.

If transport-level SSL or HTTPS security is being used and mapping is already provided by the underlying security channel or by Internet Information Services (IIS), then that mapping is applied with no chain validation. Otherwise, prior to doing the mapping, the certificate is validated using a certificate chain, and the certificate must chain to an NT_AUTHORITY identity. The chain structure used corresponds to the CERT_CHAIN_POLICY_NT_AUTH as defined in the CertVerifyCertificateChainPolicy function. This behavior only occurs when mapping a certificate to a Windows account.

Applies to