UserNameSecurityTokenAuthenticator.ValidateUserNamePasswordCore 方法

定义

命名空间:

System.IdentityModel.Selectors

程序集:

System.IdentityModel.dll

如果在派生类中重写，则对指定的用户名和密码进行身份验证，并且返回 UserNameSecurityToken 安全令牌的授权策略集。

protected:
 abstract System::Collections::ObjectModel::ReadOnlyCollection<System::IdentityModel::Policy::IAuthorizationPolicy ^> ^ ValidateUserNamePasswordCore(System::String ^ userName, System::String ^ password);

protected abstract System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Policy.IAuthorizationPolicy> ValidateUserNamePasswordCore (string userName, string password);

abstract member ValidateUserNamePasswordCore : string * string -> System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Policy.IAuthorizationPolicy>

Protected MustOverride Function ValidateUserNamePasswordCore (userName As String, password As String) As ReadOnlyCollection(Of IAuthorizationPolicy)

参数

userName

String

与安全令牌相关联的用户名。

password

String

与安全令牌相关联的密码。

返回

ReadOnlyCollection<IAuthorizationPolicy>

一个类型为 ReadOnlyCollection<T> 的 IAuthorizationPolicy，它包含对此应用程序生效的授权策略集。

示例

protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateUserNamePasswordCore(string userName, string password)
{
    if (!ValidateUserNameFormat(userName))
        throw new SecurityTokenValidationException("Incorrect UserName format");

    ClaimSet claimSet = new DefaultClaimSet(ClaimSet.System, new Claim(ClaimTypes.Name, userName, Rights.PossessProperty));
    List<IIdentity> identities = new List<IIdentity>(1);
    identities.Add(new GenericIdentity(userName));
    List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>(1);
    policies.Add(new UnconditionalPolicy(ClaimSet.System, claimSet, DateTime.MaxValue.ToUniversalTime(), identities));
    return policies.AsReadOnly();
}

    Protected Overrides Function ValidateUserNamePasswordCore(ByVal userName As String, ByVal password As String) As ReadOnlyCollection(Of IAuthorizationPolicy)

        If Not ValidateUserNameFormat(userName) Then
            Throw New SecurityTokenValidationException("Incorrect UserName format")
        End If
        Dim setOfClaims As New DefaultClaimSet(ClaimSet.System, New Claim(ClaimTypes.Name, userName, Rights.PossessProperty))
        Dim identities As New List(Of IIdentity)(1)

        identities.Add(New GenericIdentity(userName))
        Dim policies As New List(Of IAuthorizationPolicy)(1)
        policies.Add(New UnconditionalPolicy(ClaimSet.System, setOfClaims, DateTime.MaxValue.ToUniversalTime(), identities))
        Return policies.AsReadOnly()

    End Function 'New
End Class

注解

重写 ValidateUserNamePasswordCore 方法，以便对 UserNameSecurityToken 安全令牌进行身份验证。

重写 ValidateUserNamePasswordCore 方法时，请遵循下列准则：

• 当无法验证传递给 token 参数的安全令牌时，将引发 SecurityTokenValidationException 异常。

• 当不存在对此应用程序生效的授权策略时，返回 ReadOnlyCollection<T> 类型的空 IAuthorizationPolicy。

此方法返回 null时，Windows Communication Foundation 将 SecurityTokenValidationException 引发异常。