Share via


ValidatingIssuerNameRegistry Class

Represents a class that validates security token issuer names.

Inheritance Hierarchy

System.IdentityModel.Tokens.IssuerNameRegistry
  System.IdentityModel.Tokens.ValidatingIssuerNameRegistry

Namespace:  System.IdentityModel.Tokens
Assembly:  System.IdentityModel.Tokens.ValidatingIssuerNameRegistry (in System.IdentityModel.Tokens.ValidatingIssuerNameRegistry.dll)

Syntax

'Declaration
Public Class ValidatingIssuerNameRegistry _
    Inherits IssuerNameRegistry
public class ValidatingIssuerNameRegistry : IssuerNameRegistry
public ref class ValidatingIssuerNameRegistry : public IssuerNameRegistry
type ValidatingIssuerNameRegistry =  
    class 
        inherit IssuerNameRegistry 
    end
public class ValidatingIssuerNameRegistry extends IssuerNameRegistry

The ValidatingIssuerNameRegistry type exposes the following members.

Constructors

  Name Description
Public method ValidatingIssuerNameRegistry() Instantiates a new ValidatingIssuerNameRegistry object with no IssuingAuthorities.
Public method ValidatingIssuerNameRegistry(IEnumerable<IssuingAuthority>) Instantiates a new ValidatingIssuerNameRegistry object with an enumeration of issuing authorities.
Public method ValidatingIssuerNameRegistry(IssuingAuthority) Instantiates a new ValidatingIssuerNameRegistry object with one [IssuingAuthority].

Top

Properties

  Name Description
Public property IssuingAuthorities Gets the issuing authorities.

Top

Methods

  Name Description
Protected method CreateIssuingAuthority A factory method that is called from LoadAuthority to enable the use of a custom [IssuingAuthority].
Public method GetIssuerName(SecurityToken) This method is not supported. Call the overload GetIssuerName instead.
Public method GetIssuerName(SecurityToken, String) Returns the name of the security token issuer.
Public methodStatic member GetIssuingAuthority Calls out to the metadata address and returns an [IssuingAuthority] with the contents of keys and issuers found in the metadata.
Protected method IsSymmetricKeyValid This method can be called as part of a security token validating sequence where it is necessary to validate that the signer of a security token and the issuer of a security token are as expected.
Protected method IsThumbprintValid Can be called as part of a security token validating sequence where it is necessary to validate that the signer of a security token and the issuer of a security token are as expected.
Protected method LoadAuthority Parses the input and creates an IssuingAuthority.
Public method LoadCustomConfiguration Loads a set of configuration elements for custom handling.
Public methodStatic member WriteToConfig Updates the application configuration with information obtained from a federation metadata document.

Top

Remarks

Services that are responsible for issuing security tokens can sign the tokens using a Symmetric or an Asymmetric Key. Tokens can also contain a logical issuer, which may be different than the signer of the token.

ValidatingIssuerNameRegistry can be used as part of a token validation sequence to ensure that signer of a token and the token issuer are as expected.

ValidatingIssuerNameRegistry can be constructed from a web.config or app.config from the following xml:

<system.identityModel>
   <issuerNameRegistry type='derived from ValidatingIssuerNameRegistry'>
      <authority name='someFriendlyName'>
         <keys>
            <add thumbprint='caseInsensitiveString'/>
            <add symmetricKey='Base64Encoded bytes' />
         </keys>
         <validIssuers>
            <add name='issuer1'/>
            <add name='issuer2'/>
         </validIssuers>
      </authority>
   </issuerNameRegistry>
</system.identityModel>

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

See Also

Reference

System.IdentityModel.Tokens Namespace