STS Geneva Server
https://stackoverflow.com/questions/1176826
-
19-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPergunta
Minha exigência é as reivindicações atribuídas a um usuário são empresa consciente tão dizer, por exemplo Usuário 1:. É editor para Product Manager para Empresa 1, mas o mesmo usuário é único editor de Empresa B. Isso pode ser conseguido através de Geneva Server, ou necessidades de código adicionais a serem gravados para aulas de substituição
Solução
In my opinion it's the relying party itself should be making decisions on what roles to attach to a token based upon the identity itself.
However you can set rules based on individual relying parties and choose to serve information as a claim based on whatever the backing store says. Now how you represent that information in whatever backing store you are using (AD, LDAP, SQL, whatever) is a design decision at your end. You may also want to look at harnessing the claims transformation language in beta 2.
It's really hard to give any specific advice without knowing details about where your claim backing store is going to be and why you think you need to go this route.
