You are looking at the wrong Claim classes - the one in System.IdentityModel.Claim is deprecated.
The new one is System.Security.Claims.
This book gives you the introduction to the philosophy: http://msdn.microsoft.com/en-us/library/ff423674.aspx
Pergunta
Currently, a project I'm on is doing security in a not-so-great way. I'm trying to upgrade it to Claims-based security because I think it matches up better with the type of information we store. However, I'm new to it so trying to soak up a lot ASAP.
We need to store:
That last one is tripping me up a bit. I think I need to create a custom Claim Type that has a client site ID and a role value.
Rights.PossessProperty
, or am I overthinking it?Thanks in advance for pointing me in the right direction. As I said, I'm soaking up Pluralsight courses, etc. but I'd also like to ship something. :)
Solução
You are looking at the wrong Claim classes - the one in System.IdentityModel.Claim is deprecated.
The new one is System.Security.Claims.
This book gives you the introduction to the philosophy: http://msdn.microsoft.com/en-us/library/ff423674.aspx
Outras dicas
Let's assume that you will have your "users to sections" coming from a database. Identity.HasClaim will let you validate the user to section. As far as the custom claim, it's just a string that needs to look similar to the one in the example below.
public class UsersSections
{
public int SectionId { get; set; }
public int UserId { get; set; }
}
var userSectionsList = new List<UsersSections>
{
new UsersSections
{
SectionId = 1000,
UserId = 200
},
new UsersSections
{
SectionId = 2000,
UserId = 200
}
};
var identity = new ClaimsIdentity();
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier,"I am a user with a userid of 200"));
foreach (var usersSections in userSectionsList)
{
identity.AddClaim(new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/section","1000"));
}
if (identity.HasClaim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/section", "1000"))
{
}