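/// <summary>
        /// Authorizes the current service call by mapping the request's Action header
        /// to the application claim the caller must hold, then checking the principal
        /// against that requirement.
        /// </summary>
        /// <param name="principal">The claims principal of the caller being authorized.</param>
        /// <exception cref="System.Security.SecurityException">
        /// Thrown when the request's action has no authorization rule in this method.
        /// CheckClaims presumably also throws when the principal lacks the required
        /// claim; its implementation is not visible here.
        /// </exception>
        private void AuthorizeCall(IClaimsPrincipal principal)
        {
            // The action comes from the incoming message headers, i.e. it is chosen by the caller.
            string action = OperationContext.Current.RequestContext.RequestMessage.Headers.Action;

            ClaimsPrincipalPermission p;

            // NOTE(review): the leading 'true' looks like the "must be authenticated" flag
            // (CreatePermission passes m_isAuthenticated in the same position); confirm.
            switch (action)
            {
            case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/CreateSomething":
                p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationCreateClaim()));
                break;

            case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/ReadSomething":
                p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationReadClaim()));
                break;

            case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/UpdateSomething":
                p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationUpdateClaim()));
                break;

            case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/DeleteSomething":
                p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationDeleteClaim()));
                break;

            default:
                // Fail closed: an action with no rule must not pass authorization silently.
                // Without this branch any unlisted operation (including one added to the
                // contract later) would return from here without a claims check.
                // The action value is deliberately not echoed into the message.
                throw new System.Security.SecurityException("Access denied: no authorization rule is defined for the requested action.");
            }

            p.CheckClaims(principal);
        }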
        /// <summary>
        /// Builds the permission object described by this attribute.
        /// </summary>
        /// <returns>
        /// An unrestricted <c>ClaimsPrincipalPermission</c> when <c>Unrestricted</c> is set;
        /// otherwise a permission that carries the attribute's authentication flag and a
        /// claim set created from its resource and required claim type.
        /// </returns>
        public override System.Security.IPermission CreatePermission()
        {
            if (!this.Unrestricted)
            {
                // CreateClaimSet validates the resource and claim type and throws a
                // SecurityException for values the policy does not support.
                ClaimSet requiredClaims = ClaimsAuthorizationPolicy.CreateClaimSet(this.m_resource, this.m_requiredClaimType);
                return new ClaimsPrincipalPermission(this.m_isAuthenticated, requiredClaims);
            }

            // NOTE(review): an unrestricted permission presumably demands no claims at all;
            // confirm that attribute usages setting Unrestricted are intentional.
            return new ClaimsPrincipalPermission(PermissionState.Unrestricted);
        }
        /// <summary>
        /// Creates a claim set, issued by the policy's issuer claim set, holding one
        /// possess-property claim over the Application resource per supplied claim type.
        /// </summary>
        /// <param name="claimTypes">Claim types to include; each must pass <c>IsValidClaimType</c>.</param>
        /// <returns>A <c>DefaultClaimSet</c> containing the generated claims.</returns>
        /// <exception cref="SecurityException">Thrown at the first claim type that fails validation.</exception>
        public static ClaimSet CreateApplicationClaimSet(params string[] claimTypes)
        {
            List<Claim> applicationClaims = new List<Claim>();

            // NOTE(review): an empty claimTypes array yields a claim set with no claims;
            // verify that callers never build a requirement from such a set.
            for (int index = 0; index < claimTypes.Length; index++)
            {
                string claimType = claimTypes[index];

                if (IsValidClaimType(claimType))
                {
                    applicationClaims.Add(new Claim(claimType, ClaimsAuthorizationPolicy.Resources.Application, Rights.PossessProperty));
                    continue;
                }

                // Reject unknown claim types outright rather than skipping them.
                throw new SecurityException(string.Format("Invalid claim type provided: {0}", claimType));
            }

            return new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), applicationClaims);
        }
        /// <summary>
        /// Creates a claim set, issued by the policy's issuer claim set, holding a single
        /// possess-property claim of the given type over the given resource.
        /// </summary>
        /// <param name="resource">Resource the claim applies to; must pass <c>IsValidResource</c>.</param>
        /// <param name="claimType">Claim type; must pass <c>IsValidClaimType</c>.</param>
        /// <returns>A <c>DefaultClaimSet</c> containing the one generated claim.</returns>
        /// <exception cref="SecurityException">
        /// Thrown when the resource, or otherwise the claim type, is not supported by the policy.
        /// </exception>
        public static ClaimSet CreateClaimSet(string resource, string claimType)
        {
            // Validate both inputs before building anything; the resource is checked first.
            bool resourceSupported = IsValidResource(resource);
            if (!resourceSupported)
            {
                throw new SecurityException(string.Format("Resource not supported by ClaimsAuthorizationPolicy: {0}", resource));
            }

            bool claimTypeSupported = IsValidClaimType(claimType);
            if (!claimTypeSupported)
            {
                throw new SecurityException(string.Format("Claim type not supported by ClaimsAuthorizationPolicy: {0}", claimType));
            }

            List<Claim> requiredClaims = new List<Claim>
            {
                new Claim(claimType, resource, Rights.PossessProperty)
            };

            return new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), requiredClaims);
        }
 /// <summary>
 /// Initializes the policy with a freshly generated identifier and the issuer
 /// claim set returned by <c>CreateIssuerClaimSet</c>.
 /// </summary>
 public ClaimsAuthorizationPolicy()
 {
     // Each policy instance gets its own new GUID as its id.
     this.m_id = Guid.NewGuid();

     // The issuer is the same claim set the static factory methods use as issuer.
     this.m_issuer = CreateIssuerClaimSet();
 }