This project is read-only.

How to authenticate users against a custom user store

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

To authenticate users against a custom user store, configure your application to use username authentication with a custom username and password validator. Configure the custom validator in a service behavior and implement it in a class library. Your service uses the username and password validator to authenticate your users’ based on your custom user store.

The following configuration snippet shows how to configure a custom validator for your WCF service:
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyUserNamePasswordValidator,Host"/>
<serviceCertificate findValue="CN=FabrikamEnterprises"/>

The following code snippet shows how to implement a custom username and password validator:
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Text;

namespace DerivativesCalculator
    public class MyUserNamePasswordValidator : UserNamePasswordValidator
        public override void Validate(string userName, string password)
            Console.Write("\nValidating username, {0}, and password, {1} ... ", userName, password);
            if ((string.Compare(userName, "don", true) != 0) || (string.Compare(password, "hall", false) != 0))
                throw new SecurityTokenException("Unknown user.");
            Console.Write("Done: Credentials accepted. \n");

Last edited May 8, 2008 at 1:06 AM by prashantbansode, version 1


No comments yet.