Rediger

Del via


AuthorizationContext.ClaimSets Property

Definition

Gets the set of claims associated with an authorization policy.

public:
 abstract property System::Collections::ObjectModel::ReadOnlyCollection<System::IdentityModel::Claims::ClaimSet ^> ^ ClaimSets { System::Collections::ObjectModel::ReadOnlyCollection<System::IdentityModel::Claims::ClaimSet ^> ^ get(); };
public abstract System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Claims.ClaimSet> ClaimSets { get; }
member this.ClaimSets : System.Collections.ObjectModel.ReadOnlyCollection<System.IdentityModel.Claims.ClaimSet>
Public MustOverride ReadOnly Property ClaimSets As ReadOnlyCollection(Of ClaimSet)

Property Value

A ReadOnlyCollection<T> of type ClaimSet that contains the set of claims.

Examples

// Iterate through the various claim sets in the AuthorizationContext.
foreach(ClaimSet cs in operationContext.ServiceSecurityContext.AuthorizationContext.ClaimSets)
{
    // Examine only those claim sets issued by System.
    if (cs.Issuer == ClaimSet.System)
    {
        // Iterate through claims of type "http://example.org/claims/allowedoperation".
        foreach (Claim c in cs.FindClaims("http://example.org/claims/allowedoperation", Rights.PossessProperty))
        {
            // Write the Claim resource to the console.
            Console.WriteLine("resource: {0}", c.Resource.ToString());

            // If the Claim resource matches the action URI then return true to allow access.
            if (action == c.Resource.ToString())
                return true;
        }
    }
}
For Each cs In operationContext.ServiceSecurityContext.AuthorizationContext.ClaimSets
    ' Examine only those claim sets issued by System.
    If cs.Issuer Is ClaimSet.System Then
        ' Iterate through claims of type "http://example.org/claims/allowedoperation".
        Dim c As Claim
        For Each c In cs.FindClaims("http://example.org/claims/allowedoperation", Rights.PossessProperty)
            ' Write the Claim resource to the console.
            Console.WriteLine("resource: {0}", c.Resource.ToString())

            ' If the Claim resource matches the action URI then return true to allow access.
            If action = c.Resource.ToString() Then
                Return True
            End If
        Next c
    End If
Next cs

Remarks

Use the ClaimSets property to get the set of claims that were added by the authorization policy. A class deriving from ServiceAuthorizationManager can use the claims to make authorization decisions.

Applies to