System.ServiceModel 4.0.0.0 System.Object If none of the bindings used by a service is configured for user name/password-based authentication, the relevant properties for this class are ignored. These properties include the , , , and properties. If none of the bindings used by a service is configured to use Windows authentication for user name/password, the settings related to caching of logon tokens are ignored. These settings include the , , and properties.

Represents a class that is used to configure how the service authenticates users that use user name/password authentication and to configure the caching of logon tokens.

Property 4.0.0.0 System.TimeSpan To be added. crdefault .

Gets or sets the maximum length of time that a token is cached.

Property 4.0.0.0 System.Boolean To be added. By default, indigo2 security asks the Windows security subsystem to create a logon token for every incoming user name/password security token if the user name is being mapped to a Windows account. This behavior can be changed by setting the property. For mode, the service uses Win32's LogonUser function for user name/password authentication. If the is set to true, the resulting Windows token is cached and reused for the same user name/password pair. The cache is valid for . The maximum number of caches is limited to .

Gets or sets a value that indicates whether logon tokens are cached.

Property 4.0.0.0 System.IdentityModel.Selectors.UserNamePasswordValidator To be added. The property must be set to for the to take effect. When the property is set and the property is not, indigo2 uses Windows authentication and ignores the value of the property. For mode, the service uses for user name/password authentication by calling the method.

Gets or sets a custom user name and password validator.

Property 4.0.0.0 System.Boolean To be added. In most scenarios when validating Windows user names and passwords, Windows groups in which users belong provide useful information for authorization decisions. However, if the Windows groups are not required, setting this property to false can improve performance by avoiding a full-group claim population.

Gets or sets a value that indicates whether Windows groups are included in the security context.

Property 4.0.0.0 System.Int32 To be added. The default value is 128. crdefault .

Gets or sets the maximum number of logon tokens to cache.

Property 4.0.0.0 System.Web.Security.MembershipProvider To be added. For mode, the service uses for user name/password authentication by calling the method. The property must be set to for the to take effect. When the property is set and the property is not, indigo2 uses Windows authentication and ignores the value of the property. If the property is set to MembershipProvider and the MembershipProvider property is not set to a value, the default is the class.

Gets or sets the membership provider.

Property 4.0.0.0 System.ServiceModel.Security.UserNamePasswordValidationMode To be added. Possible values are: If this property is set to , the service uses the object returned by to validate user names and passwords in incoming messages. When a indigo2 service is hosted in Internet Information Services (IIS) using transport-level security and the property is set to , the custom authentication scheme uses a subset of Windows authentication. That is because in this scenario, IIS performs Windows authentication prior to indigo2 invoking the custom authenticator. When the value of this property is set to , specify the membership provider by setting the property, and then the membership provider instance specified by the property is used to validate the username and password in incoming messages.

Gets or sets the method of validating the user name and password.