CertificateAuthenticationOptions Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Options used to configure certificate authentication.
public ref class CertificateAuthenticationOptions : Microsoft::AspNetCore::Authentication::AuthenticationSchemeOptionspublic class CertificateAuthenticationOptions : Microsoft.AspNetCore.Authentication.AuthenticationSchemeOptionstype CertificateAuthenticationOptions = class
inherit AuthenticationSchemeOptionsPublic Class CertificateAuthenticationOptions
Inherits AuthenticationSchemeOptions- Inheritance
Constructors
| CertificateAuthenticationOptions() |
Properties
| AdditionalChainCertificates |
Collection of X509 certificates which are added to the X509Chain.ChainPolicy.ExtraStore of the certificate chain. |
| AllowedCertificateTypes |
Value indicating the types of certificates accepted by the authentication middleware. |
| ChainTrustValidationMode |
Method used to validate certificate chains against CustomTrustStore. |
| ClaimsIssuer |
Gets or sets the issuer that should be used for any claims that are created (Inherited from AuthenticationSchemeOptions) |
| CustomTrustStore |
Collection of X509 certificates which are trusted components of the certificate chain. |
| Events |
The object provided by the application to process events raised by the certificate authentication middleware. The application may implement the interface fully, or it may create an instance of CertificateAuthenticationEvents and assign delegates only to the events it wants to process. |
| EventsType |
If set, will be used as the service type to get the Events instance instead of the property. (Inherited from AuthenticationSchemeOptions) |
| ForwardAuthenticate |
If set, this specifies the target scheme that this scheme should forward AuthenticateAsync calls to. For example Context.AuthenticateAsync("ThisScheme") => Context.AuthenticateAsync("ForwardAuthenticateValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions) |
| ForwardChallenge |
If set, this specifies the target scheme that this scheme should forward ChallengeAsync calls to. For example Context.ChallengeAsync("ThisScheme") => Context.ChallengeAsync("ForwardChallengeValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions) |
| ForwardDefault |
If set, this specifies a default scheme that authentication handlers should forward all authentication operations to by default. The default forwarding logic will check the most specific ForwardAuthenticate/Challenge/Forbid/SignIn/SignOut setting first, followed by checking the ForwardDefaultSelector, followed by ForwardDefault. The first non null result will be used as the target scheme to forward to. (Inherited from AuthenticationSchemeOptions) |
| ForwardDefaultSelector |
Used to select a default scheme for the current request that authentication handlers should forward all authentication operations to by default. The default forwarding logic will check the most specific ForwardAuthenticate/Challenge/Forbid/SignIn/SignOut setting first, followed by checking the ForwardDefaultSelector, followed by ForwardDefault. The first non null result will be used as the target scheme to forward to. (Inherited from AuthenticationSchemeOptions) |
| ForwardForbid |
If set, this specifies the target scheme that this scheme should forward ForbidAsync calls to. For example Context.ForbidAsync("ThisScheme") => Context.ForbidAsync("ForwardForbidValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions) |
| ForwardSignIn |
If set, this specifies the target scheme that this scheme should forward SignInAsync calls to. For example Context.SignInAsync("ThisScheme") => Context.SignInAsync("ForwardSignInValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions) |
| ForwardSignOut |
If set, this specifies the target scheme that this scheme should forward SignOutAsync calls to. For example Context.SignOutAsync("ThisScheme") => Context.SignOutAsync("ForwardSignOutValue"); Set the target to the current scheme to disable forwarding and allow normal processing. (Inherited from AuthenticationSchemeOptions) |
| RevocationFlag |
Specifies which X509 certificates in the chain should be checked for revocation. |
| RevocationMode |
Specifies conditions under which verification of certificates in the X509 chain should be conducted. |
| TimeProvider |
Used for testing. (Inherited from AuthenticationSchemeOptions) |
| ValidateCertificateUse |
Flag indicating whether the client certificate must be suitable for client authentication, either via the Client Authentication EKU, or having no EKUs at all. If the certificate chains to a root CA all certificates in the chain must be validated for the client authentication EKU. |
| ValidateValidityPeriod |
Flag indicating whether the client certificate validity period should be checked. |
Methods
| Validate() |
Check that the options are valid. Should throw an exception if things are not ok. (Inherited from AuthenticationSchemeOptions) |
| Validate(String) |
Checks that the options are valid for a specific scheme (Inherited from AuthenticationSchemeOptions) |
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for