Question

I have been looking at the ClaimsAuthorizationManager. If I had a claim that was the following:

Type = TypeOfEmployeesThatCanBeViewed, Value = "Managers"

Then I browsed to my MVC controller with mysite/employees/read/managers. And I wanted to see if the currentprincipal was authorised to view managers.

How would you pass the actual request parameters, i.e. the "managers", to the ClaimsAuthorizationManager? I can see how to pass "Read" and "Employers" via the Action and Resource properties of the AuthorizationContext, but not the parameters.

Thanks


Solution

The Thinktecture IdentityModel helper library is your friend. It provides a better API for doing claims-based checks, and you can pass as many parameters as you want using the ClaimsAuthorization.CheckAccess method.

So you should add the following line of code at the very beginning of your action method:

ClaimsAuthorization.CheckAccess("Read", "Employees", "Managers");

In your CheckAccess method you can get the Employees and Managers parameters from the context.Resource collection.

NuGet package: Thinktecture.IdentityModel

Here is the documentation.
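
An added example, not part of the original answer or of the Thinktecture library: a ClaimsAuthorizationManager for the scenario in the question, which reads the action and resource values from the AuthorizationContext and treats the second resource value as the request parameter. The class names, the urn:example claim types and the sample principal are assumptions constructed for illustration; it needs .NET Framework 4.5 or later with a reference to System.IdentityModel.

```csharp
using System;
using System.Collections.ObjectModel;
using System.Linq;
using System.Security.Claims;

// Hypothetical manager for the question's Read / Employees / <type> check.
public class EmployeeAuthorizationManager : ClaimsAuthorizationManager
{
    private const string ViewableType = "TypeOfEmployeesThatCanBeViewed"; // claim type from the question

    public override bool CheckAccess(AuthorizationContext context)
    {
        string action = context.Action.Select(c => c.Value).FirstOrDefault();
        string[] resources = context.Resource.Select(c => c.Value).ToArray();

        // Deny by default: anything that is not Read / Employees / <type> is refused.
        if (!Same(action, "Read") || resources.Length != 2 || !Same(resources[0], "Employees"))
            return false;

        // resources[1] is the request parameter (e.g. "managers" from the URL). It is
        // untrusted input, so it is only compared against the principal's own claims.
        return context.Principal.Claims.Any(c => c.Type == ViewableType && Same(c.Value, resources[1]));
    }

    private static bool Same(string a, string b)
    {
        return string.Equals(a, b, StringComparison.OrdinalIgnoreCase);
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed principal holding the claim described in the question.
        var principal = new ClaimsPrincipal(new ClaimsIdentity(
            new[] { new Claim("TypeOfEmployeesThatCanBeViewed", "Managers") }, "Constructed"));
        var manager = new EmployeeAuthorizationManager();

        foreach (var type in new[] { "managers", "directors" })
        {
            // Placeholder claim types (assumption); the manager only reads the claim values.
            var context = new AuthorizationContext(principal,
                new Collection<Claim> { new Claim("urn:example:resource", "Employees"), new Claim("urn:example:resource", type) },
                new Collection<Claim> { new Claim("urn:example:action", "Read") });
            Console.WriteLine("{0}: {1}", type, manager.CheckAccess(context));
        }
    }
}
```

The manager's CheckAccess returns a bool, so the calling code has to act on a false result (for example by returning a 403 response) rather than discarding it.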

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow