Rediger

Del via


UserNameSecurityTokenAuthenticator.ValidateUserNamePasswordCore Method

Definition

When overridden in a derived class, authenticates the specified user name and password and returns the set of authorization policies for UserNameSecurityToken security tokens.

protected:
 abstract System::Collections::ObjectModel::ReadOnlyCollection<System::IdentityModel::Policy::IAuthorizationPolicy ^> ^ ValidateUserNamePasswordCore(System::String ^ userName, System::String ^ password);
protected abstract System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Policy.IAuthorizationPolicy> ValidateUserNamePasswordCore (string userName, string password);
abstract member ValidateUserNamePasswordCore : string * string -> System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Policy.IAuthorizationPolicy>
Protected MustOverride Function ValidateUserNamePasswordCore (userName As String, password As String) As ReadOnlyCollection(Of IAuthorizationPolicy)

Parameters

userName
String

The user name associated with the security token.

password
String

The password associated with the security token.

Returns

A ReadOnlyCollection<T> of type IAuthorizationPolicy that contains the set of authorization policies in effect for this application.

Examples

protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateUserNamePasswordCore(string userName, string password)
{
    if (!ValidateUserNameFormat(userName))
        throw new SecurityTokenValidationException("Incorrect UserName format");

    ClaimSet claimSet = new DefaultClaimSet(ClaimSet.System, new Claim(ClaimTypes.Name, userName, Rights.PossessProperty));
    List<IIdentity> identities = new List<IIdentity>(1);
    identities.Add(new GenericIdentity(userName));
    List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>(1);
    policies.Add(new UnconditionalPolicy(ClaimSet.System, claimSet, DateTime.MaxValue.ToUniversalTime(), identities));
    return policies.AsReadOnly();
}
    Protected Overrides Function ValidateUserNamePasswordCore(ByVal userName As String, ByVal password As String) As ReadOnlyCollection(Of IAuthorizationPolicy)

        If Not ValidateUserNameFormat(userName) Then
            Throw New SecurityTokenValidationException("Incorrect UserName format")
        End If
        Dim setOfClaims As New DefaultClaimSet(ClaimSet.System, New Claim(ClaimTypes.Name, userName, Rights.PossessProperty))
        Dim identities As New List(Of IIdentity)(1)

        identities.Add(New GenericIdentity(userName))
        Dim policies As New List(Of IAuthorizationPolicy)(1)
        policies.Add(New UnconditionalPolicy(ClaimSet.System, setOfClaims, DateTime.MaxValue.ToUniversalTime(), identities))
        Return policies.AsReadOnly()

    End Function 'New
End Class

Remarks

Override the ValidateUserNamePasswordCore method to authenticate UserNameSecurityToken security tokens.

When the ValidateUserNamePasswordCore method is overridden, follow these guidelines:

When this method returns null, Windows Communication Foundation throws a SecurityTokenValidationException exception.

Applies to