IAuthorizationPolicy.Evaluate(EvaluationContext, Object) 메서드

  • 참조

정의

네임스페이스:
System.IdentityModel.Policy
어셈블리:
System.ServiceModel.Primitives.dll
어셈블리:
System.IdentityModel.dll
패키지:
System.ServiceModel.Primitives v6.0.0
패키지:
System.ServiceModel.Primitives v6.2.0
패키지:
System.ServiceModel.Primitives v8.0.0
Source:
IAuthorizationPolicy.cs
Source:
IAuthorizationPolicy.cs
Source:
IAuthorizationPolicy.cs

사용자가 이 권한 부여 정책에 대한 요구 사항을 충족하는지 여부를 평가합니다.

public:
 bool Evaluate(System::IdentityModel::Policy::EvaluationContext ^ evaluationContext, System::Object ^ % state);
public bool Evaluate (System.IdentityModel.Policy.EvaluationContext evaluationContext, ref object state);
abstract member Evaluate : System.IdentityModel.Policy.EvaluationContext * obj -> bool
Public Function Evaluate (evaluationContext As EvaluationContext, ByRef state As Object) As Boolean

매개 변수

evaluationContext
EvaluationContext

권한 부여 정책에서 평가하는 클레임이 포함된 EvaluationContext입니다.

state
Object

이 권한 부여 정책에 대한 사용자 지정 상태를 나타내는 참조로 전달되는 Object입니다.

반환

Boolean

다른 권한 부여 정책에서 추가 클레임을 evaluationContext에 추가하는 경우 이 권한 부여 정책에 대한 Evaluate(EvaluationContext, Object) 메서드를 호출해야 하면 false이고, 그렇지 않으면 이 권한 부여 정책에서 추가 평가를 요구하지 않음을 나타내는 true입니다.

예제

public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
    bool bRet = false;
    CustomAuthState customstate = null;

    // If state is null, then this method has not been called before, so
    // set up a custom state.
    if (state == null)
    {
        customstate = new CustomAuthState();
        state = customstate;
    }
    else
    {
        customstate = (CustomAuthState)state;
    }

    Console.WriteLine("Inside MyAuthorizationPolicy::Evaluate");

    // If claims have not been added yet...
    if (!customstate.ClaimsAdded)
    {
        // Create an empty list of Claims.
        IList<Claim> claims = new List<Claim>();

        // Iterate through each of the claim sets in the evaluation context.
        foreach (ClaimSet cs in evaluationContext.ClaimSets)
            // Look for Name claims in the current claim set.
            foreach (Claim c in cs.FindClaims(ClaimTypes.Name, Rights.PossessProperty))
                // Get the list of operations the given username is allowed to call.
                foreach (string s in GetAllowedOpList(c.Resource.ToString()))
                {
                    // Add claims to the list.
                    claims.Add(new Claim("http://example.org/claims/allowedoperation", s, Rights.PossessProperty));
                    Console.WriteLine("Claim added {0}", s);
                }

        // Add claims to the evaluation context.
        evaluationContext.AddClaimSet(this, new DefaultClaimSet(this.Issuer,claims));

        // Record that claims have been added.
        customstate.ClaimsAdded = true;

        // Return true, which indicates this need not be called again.
        bRet = true;
    }
    else
    {
        // This point should not be reached, but just in case...
        bRet = true;
    }

    return bRet;
}

Public Function Evaluate(ByVal evaluationContext As EvaluationContext, _
     ByRef state As Object) As Boolean Implements IAuthorizationPolicy.Evaluate

    Dim bRet As Boolean = False
    Dim customstate As CustomAuthState = Nothing

    ' If state is null, then this method has not been called before, so 
    ' set up a custom state.
    If state Is Nothing Then
        customstate = New CustomAuthState()
        state = customstate
    Else
        customstate = CType(state, CustomAuthState)
    End If
    Console.WriteLine("Inside MyAuthorizationPolicy::Evaluate")

    ' If the claims have not been added yet...
    If Not customstate.ClaimsAdded Then
        ' Create an empty list of Claims
        Dim claims As New List(Of Claim)

        ' Iterate through each of the claimsets in the evaluation context.
        Dim cs As ClaimSet
        For Each cs In evaluationContext.ClaimSets
            ' Look for Name claims in the current claim set.
            Dim c As Claim
            For Each c In cs.FindClaims(ClaimTypes.Name, Rights.PossessProperty)
                ' Get the list of operations the given username is allowed to call.
                Dim s As String
                For Each s In GetAllowedOpList(c.Resource.ToString())

                    ' Add claims to the list
                    claims.Add(New Claim("http://example.org/claims/allowedoperation", _
                                s, Rights.PossessProperty))
                    Console.WriteLine("Claim added {0}", s)
                Next s
            Next c
        Next cs 
        
        ' Add claims to the evaluation context.
        evaluationContext.AddClaimSet(Me, New DefaultClaimSet(Me.Issuer, claims))

        ' Record that claims have been added.
        customstate.ClaimsAdded = True

        ' Return true, which indicates the method need not to be called again.
        bRet = True
    Else
        ' Should never get here, but just in case...
        bRet = True
    End If


    Return bRet

End Function 'Evaluate

설명

참고

IAuthorizationPolicy 인터페이스의 구현자는 다른 스레드에서 Evaluate 메서드가 여러 번 호출될 것을 예상해야 합니다.

IAuthorizationPolicy 인터페이스의 구현자는 state 매개 변수를 사용하여 Evaluate 메서드 호출 간의 상태를 추적할 수 있습니다. 상태 개체가 지정된 Evaluate 메서드 호출 내에서 설정되어 있으면 동일한 개체 인스턴스가 현재 평가 프로세스에서 이후의 모든 Evaluate 메서드 호출에 각각 전달됩니다.

적용 대상