ClaimSet Class

Definition

Represents the collection of claims that are associated with an entity.

public ref class ClaimSet abstract : System::Collections::Generic::IEnumerable<System::IdentityModel::Claims::Claim ^>
[System.Runtime.Serialization.DataContract(Namespace="http://schemas.xmlsoap.org/ws/2005/05/identity")]
public abstract class ClaimSet : System.Collections.Generic.IEnumerable<System.IdentityModel.Claims.Claim>
type ClaimSet = class
    interface seq<Claim>
    interface IEnumerable
Public MustInherit Class ClaimSet
Implements IEnumerable(Of Claim)
Inheritance
ClaimSet
Derived
Attributes
Implements

Examples

       public class MyServiceAuthorizationManager : ServiceAuthorizationManager
       {

          protected override bool CheckAccessCore(OperationContext operationContext)
           {                
               // Extract the action URI from the OperationContext. Match this against the claims
               // in the AuthorizationContext.

               string action = operationContext.RequestContext.RequestMessage.Headers.Action;
               Console.WriteLine("action: {0}", action);

               // Iterate through the various claim sets in the AuthorizationContext.
               foreach(ClaimSet cs in operationContext.ServiceSecurityContext.AuthorizationContext.ClaimSets)
               {
                   // Examine only those claim sets issued by System.
                   if (cs.Issuer == ClaimSet.System)
                   {
                       // Iterate through claims of type "http://example.org/claims/allowedoperation".
                       foreach (Claim c in cs.FindClaims("http://example.org/claims/allowedoperation", 
                           Rights.PossessProperty))
                       {
                           // Write the claim resource to the console.
                           Console.WriteLine("resource: {0}", c.Resource.ToString());

                           // If the claim resource matches the action URI then return true to allow access.
                           if (action == c.Resource.ToString())
                               return true;
                       }
                   }
               }
               
               // If this point is reached, return false to deny access.
               return false;                 
           }

       }
Public Class MyServiceAuthorizationManager
    Inherits ServiceAuthorizationManager

    Protected Overrides Function CheckAccessCore(ByVal operationContext As OperationContext) As Boolean

        ' Extract the action URI from the OperationContext. Match this against the claims
        ' in the AuthorizationContext.
        Dim action As String = operationContext.RequestContext.RequestMessage.Headers.Action
        Console.WriteLine("action: {0}", action)

        ' Iterate through the various claim sets in the AuthorizationContext.
        Dim cs As ClaimSet

        For Each cs In operationContext.ServiceSecurityContext.AuthorizationContext.ClaimSets
            ' Examine only those claim sets issued by System.
            If cs.Issuer Is ClaimSet.System Then
                ' Iterate through claims of type "http://example.org/claims/allowedoperation".
                Dim c As Claim
                For Each c In cs.FindClaims("http://example.org/claims/allowedoperation", Rights.PossessProperty)
                    ' Write the claim resource to the console.
                    Console.WriteLine("resource: {0}", c.Resource.ToString())

                    ' If the claim resource matches the action URI then return true to allow access
                    If action = c.Resource.ToString() Then
                        Return True
                    End If
                Next c
            End If
        Next cs
        ' 
        ' If this point is reached, return false to deny access.
        Return False

    End Function 

Remarks

After the ClaimSet class has been created, it cannot be changed.

Examining the content of a ClaimSet for particular types of claims is a common task when using claim-based authorization. To examine a ClaimSet for the presence of particular claims, use the FindClaims method. The method provides better performance than iterating directly over the ClaimSet.

Constructors

ClaimSet()

Initializes a new instance of the ClaimSet class.

Properties

Count

When overridden in a derived class, gets the number of claims in this claim set.

Issuer

When overridden in a derived class, gets the entity that issued this ClaimSet.

Item[Int32]

When overridden in a derived class, gets the Claim for the specified index.

System

Gets a ClaimSet object that represents an application trusted issuer.

Windows

Gets a set of claims that contains Windows security identifiers.

Methods

ContainsClaim(Claim)

Determines whether the ClaimSet contains the specified Claim.

ContainsClaim(Claim, IEqualityComparer<Claim>)

Determines whether the ClaimSet contains the specified Claim, by using the specified IEqualityComparer<T> object.

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
FindClaims(String, String)

When overridden in a derived class, searches for a Claim object that matches the specified claim type and rights in the ClaimSet.

GetEnumerator()

When overridden in a derived class, gets a IEnumerator<T> that can be used to enumerate the Claim object in the ClaimSet.

GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetType()

Gets the Type of the current instance.

(Inherited from Object)
MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
ToString()

Returns a string that represents the current object.

(Inherited from Object)

Explicit Interface Implementations

IEnumerable.GetEnumerator()

Gets an IEnumerator<T> that can be used to enumerate the Claim object in the ClaimSet.

Extension Methods

CopyToDataTable<T>(IEnumerable<T>)

Returns a DataTable that contains copies of the DataRow objects, given an input IEnumerable<T> object where the generic parameter T is DataRow.

CopyToDataTable<T>(IEnumerable<T>, DataTable, LoadOption)

Copies DataRow objects to the specified DataTable, given an input IEnumerable<T> object where the generic parameter T is DataRow.

CopyToDataTable<T>(IEnumerable<T>, DataTable, LoadOption, FillErrorEventHandler)

Copies DataRow objects to the specified DataTable, given an input IEnumerable<T> object where the generic parameter T is DataRow.

Cast<TResult>(IEnumerable)

Casts the elements of an IEnumerable to the specified type.

OfType<TResult>(IEnumerable)

Filters the elements of an IEnumerable based on a specified type.

AsParallel(IEnumerable)

Enables parallelization of a query.

AsQueryable(IEnumerable)

Converts an IEnumerable to an IQueryable.

Ancestors<T>(IEnumerable<T>)

Returns a collection of elements that contains the ancestors of every node in the source collection.

Ancestors<T>(IEnumerable<T>, XName)

Returns a filtered collection of elements that contains the ancestors of every node in the source collection. Only elements that have a matching XName are included in the collection.

DescendantNodes<T>(IEnumerable<T>)

Returns a collection of the descendant nodes of every document and element in the source collection.

Descendants<T>(IEnumerable<T>)

Returns a collection of elements that contains the descendant elements of every element and document in the source collection.

Descendants<T>(IEnumerable<T>, XName)

Returns a filtered collection of elements that contains the descendant elements of every element and document in the source collection. Only elements that have a matching XName are included in the collection.

Elements<T>(IEnumerable<T>)

Returns a collection of the child elements of every element and document in the source collection.

Elements<T>(IEnumerable<T>, XName)

Returns a filtered collection of the child elements of every element and document in the source collection. Only elements that have a matching XName are included in the collection.

InDocumentOrder<T>(IEnumerable<T>)

Returns a collection of nodes that contains all nodes in the source collection, sorted in document order.

Nodes<T>(IEnumerable<T>)

Returns a collection of the child nodes of every document and element in the source collection.

Remove<T>(IEnumerable<T>)

Removes every node in the source collection from its parent node.

Applies to