<p>There are two different <code>Claim</code> types in .Net. One in WIF (<code>Microsoft.IdentityModel.Claims</code>) and one in <code>System.IdentityModel.Claims</code> that was used in WCF pre-WIF (it's not really part of WCT though). Only the <code>System.IdentityModel.Claims.Claim</code> has a <code>Right</code> property as you mention.</p> <p>I've used the claims approach with WCF and ASP.Net with and without WIF and the WIF programming model is definitely the simpler of the two.</p> <p>For the User editing scenario that you describe, I would define a role with a suitable name. UserEditor could be OK but it sounds very specific. You should look at the collection of all the permissions that you want to grant to those users and come up with a suitable summarising name (maybe UserAdministrator?).</p> <p>For those users, you should add a role claim (i.e. of type <a href="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" rel="nofollow">http://schemas.microsoft.com/ws/2008/06/identity/claims/role</a> or <code>Microsoft.IdentityModel.Claims.ClaimTypes.Role</code>). If your identity provider is external to your application and you can't control the claims it issues, then you will need to implement a custom <code>ClaimsAuthenticationManager</code> to transform the issued claim set by adding the new role claim.</p> <p>Then you can decorate the operations you want to grant access to with a <code>PrincipalPermissionAttribute</code>, something like this:</p> <p><code>[PrincipalPermission(SecurityAction.Demand, Role = "UserAdministrator")]</code></p> <p>This framework is fairly flexible and can be used in a number of different ways in ASP.Net, WCF or just regular .Net development. Your question doesn't give a lot of context to allow a very specific answer with examples.</p>
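The claim transformation and role demand described in the answer above, as an added example that is not part of the original answer. It assumes WIF 3.5 (`Microsoft.IdentityModel`); the issuer name, the group claim type and value, and the class and method names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Permissions;
using Microsoft.IdentityModel.Claims;

// Adds the application role only when a trusted issuer asserted the
// corresponding group claim. All constants below are constructed for
// illustration; substitute what your identity provider actually issues.
public class RoleMappingClaimsAuthenticationManager : ClaimsAuthenticationManager
{
    private const string TrustedIssuer = "ExampleIdP";                        // assumption
    private const string GroupClaimType = "http://example.test/claims/group"; // assumption
    private const string AdminGroup = "user-admins";                          // assumption
    private const string AppRole = "UserAdministrator";

    public override IClaimsPrincipal Authenticate(string resourceName,
                                                  IClaimsPrincipal incomingPrincipal)
    {
        // Fail closed: never enrich an anonymous or missing principal.
        if (incomingPrincipal == null || !incomingPrincipal.Identity.IsAuthenticated)
            return incomingPrincipal;

        foreach (IClaimsIdentity identity in incomingPrincipal.Identities)
        {
            // Match type, value and issuer, so a group claim that arrived
            // from any other issuer does not grant the role.
            bool inAdminGroup = identity.Claims.Any(c =>
                c.ClaimType == GroupClaimType &&
                c.Value == AdminGroup &&
                string.Equals(c.Issuer, TrustedIssuer, StringComparison.Ordinal));

            if (inAdminGroup)
                identity.Claims.Add(new Claim(ClaimTypes.Role, AppRole));
        }
        return incomingPrincipal;
    }
}

public class UserService // hypothetical service class
{
    // Throws SecurityException unless the current principal holds the role claim.
    [PrincipalPermission(SecurityAction.Demand, Role = "UserAdministrator")]
    public void EditUser(int userId, string newDisplayName)
    {
        // Editing logic runs only after the demand succeeds.
    }
}
```

The manager takes effect once it is registered through the `claimsAuthenticationManager` element of the `microsoft.identityModel` service configuration.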
 
