/// <summary>
/// Loads the settings for the IdentityConfiguration from the application or web configuration file.
/// </summary>
/// <remarks>
/// If there is no configuration file, or the named section does not exist, then no exception is thrown,
/// instead the class is loaded with a set of default values.
/// </remarks>
protected void LoadConfiguration(IdentityConfigurationElement element)
{
if (element != null)
{
//
// Load the claims authentication manager
//
if (element.ClaimsAuthenticationManager.IsConfigured)
{
_claimsAuthenticationManager = GetClaimsAuthenticationManager(element);
}
//
// Load the claims authorization manager.
//
if (element.ClaimsAuthorizationManager.IsConfigured)
{
_claimsAuthorizationManager = CustomTypeElement.Resolve <ClaimsAuthorizationManager>(element.ClaimsAuthorizationManager);
}
//
// Load the service level Security Token Handler configuration
//
_serviceHandlerConfiguration = LoadHandlerConfiguration(element);
}
//
// Reads handler configuration via LoadConfiguredHandlers. Do this last.
//
_securityTokenHandlerCollectionManager = LoadHandlers(element);
}
static void Main(string[] args)
{
// <Snippet2>
//
// Method 1. Simple access check using static method.
// Expect this to be most common method.
//
ClaimsPrincipalPermission.CheckAccess("resource", "action");
// </Snippet2>
// <Snippet3>
//
// Method 2. Programmatic check using the permission class
// Follows model found at http://msdn.microsoft.com/en-us/library/system.security.permissions.principalpermission.aspx
//
ClaimsPrincipalPermission cpp = new ClaimsPrincipalPermission("resource", "action");
cpp.Demand();
// </Snippet3>
//
// Method 3. Access check interacting directly with the authorization manager.
//
ClaimsAuthorizationManager am = new ClaimsAuthorizationManager();
am.CheckAccess(new AuthorizationContext((ClaimsPrincipal)Thread.CurrentPrincipal, "resource", "action"));
//
// Method 4. Call a method that is protected using the permission attribute class
//
ProtectedMethod();
Console.WriteLine("Press [Enter] to continue.");
Console.ReadLine();
}
public ActionResult About()
{
var ca = new ClaimsAuthorizationManager();
ClaimsPrincipalPermission.CheckAccess("home/about", "view");
ViewBag.Message = "Your application description page.";
return(View());
}
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
if (Context == null)
{
return(false);
}
ClaimsAuthorizationManager authorizationManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthorizationManager;
return(authorizationManager.CheckAccess(Context));
}
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
if (String.IsNullOrWhiteSpace(Resrouce))
{
return(false);
}
var context = new System.Security.Claims.AuthorizationContext(ClaimsPrincipal.Current, Resrouce, Action);
ClaimsAuthorizationManager authorizationManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthorizationManager;
return(authorizationManager.CheckAccess(context));
}
static void Main(string[] args)
{
//
// Configure .NET Framework to use Windows Claims Principals
// Emulates the authentication phase supported by the Windows Identity Foundation.
//
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
Thread.CurrentPrincipal = ClaimsPrincipal.CreateFromPrincipal(Thread.CurrentPrincipal);
//
// Method 1. Simple access check using static method.
// Expect this to be most common method.
//
ClaimsPrincipalPermission.CheckAccess("resource", "action");
//
// Method 2. Programmatic check using the permission class
// Follows model found at http://msdn.microsoft.com/en-us/library/system.security.permissions.principalpermission.aspx
//
ClaimsPrincipalPermission cpp = new ClaimsPrincipalPermission("resource", "action");
cpp.Demand();
//
// Method 3. Access check interacting directly with the authorization manager.
//
ClaimsAuthorizationManager am = new ClaimsAuthorizationManager();
am.CheckAccess(new AuthorizationContext((IClaimsPrincipal)Thread.CurrentPrincipal, "resource", "action"));
//
// Method 4. Call a method that is protected using the permission attribute class
//
ProtectedMethod();
Console.WriteLine("Press [Enter] to continue.");
Console.ReadLine();
}
public HttpClaimsAuthorizationManager(ClaimsAuthorizationManager authorizationManager)
{
_authZ = authorizationManager;
}
public HttpClaimsAuthorizationManager()
{
_authZ = FederatedAuthentication.ServiceConfiguration
.ClaimsAuthorizationManager;
}
public HttpClaimsAuthorizationManager()
{
_authZ = FederatedAuthentication.FederationConfiguration
.IdentityConfiguration
.ClaimsAuthorizationManager;
}
public HttpClaimsAuthorizationManager(ClaimsAuthorizationManager authorizationManager)
{
_authZ = authorizationManager;
}
public HttpClaimsAuthorizationManager()
{
_authZ = FederatedAuthentication.ServiceConfiguration
.ClaimsAuthorizationManager;
}
