private void AuthorizeCall(IClaimsPrincipal principal)
{
string action = OperationContext.Current.RequestContext.RequestMessage.Headers.Action;
ClaimsPrincipalPermission p = null;
switch (action)
{
case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/CreateSomething":
p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationCreateClaim()));
p.CheckClaims(principal);
break;
case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/ReadSomething":
p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationReadClaim()));
p.CheckClaims(principal);
break;
case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/UpdateSomething":
p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationUpdateClaim()));
p.CheckClaims(principal);
break;
case "http://www.thatindigogirl.com/samples/2006/06/ICrudService/DeleteSomething":
p = new ClaimsPrincipalPermission(true, new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), ClaimsAuthorizationPolicy.CreateApplicationDeleteClaim()));
p.CheckClaims(principal);
break;
}
}
public override System.Security.IPermission CreatePermission()
{
if (this.Unrestricted)
{
return(new ClaimsPrincipalPermission(PermissionState.Unrestricted));
}
ClaimSet cs = ClaimsAuthorizationPolicy.CreateClaimSet(this.m_resource, this.m_requiredClaimType);
return(new ClaimsPrincipalPermission(this.m_isAuthenticated, cs));
}
public static ClaimSet CreateApplicationClaimSet(params string[] claimTypes)
{
List <Claim> claims = new List <Claim>();
foreach (string s in claimTypes)
{
if (!IsValidClaimType(s))
{
throw new SecurityException(string.Format("Invalid claim type provided: {0}", s));
}
claims.Add(new Claim(s, ClaimsAuthorizationPolicy.Resources.Application, Rights.PossessProperty));
}
return(new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), claims));
}
public static ClaimSet CreateClaimSet(string resource, string claimType)
{
List <Claim> claims = new List <Claim>();
if (!IsValidResource(resource))
{
throw new SecurityException(string.Format("Resource not supported by ClaimsAuthorizationPolicy: {0}", resource));
}
if (!IsValidClaimType(claimType))
{
throw new SecurityException(string.Format("Claim type not supported by ClaimsAuthorizationPolicy: {0}", claimType));
}
claims.Add(new Claim(claimType, resource, Rights.PossessProperty));
return(new DefaultClaimSet(ClaimsAuthorizationPolicy.CreateIssuerClaimSet(), claims));
}
public ClaimsAuthorizationPolicy()
{
m_id = Guid.NewGuid();
m_issuer = ClaimsAuthorizationPolicy.CreateIssuerClaimSet();
}
