ClaimsPrincipalPermission.CheckAccess(String, String) 方法
定义
检查是否授权当前主体在指定资源上执行指定操作。Checks if the current principal is authorized to perform the specified action on the specified resource.
public:
static void CheckAccess(System::String ^ resource, System::String ^ action);
public static void CheckAccess (string resource, string action);
static member CheckAccess : string * string -> unit
Public Shared Sub CheckAccess (resource As String, action As String)
参数
- resource
- String
主体应该被授权的资源。The resource on which the principal should be authorized.
- action
- String
应为其授权当前主体的操作。The action for which the principal should be authorized.
例外
当前主体无法从 ClaimsPrincipal 进行分配。The current principal is not assignable from ClaimsPrincipal.
- 或 --or- 没有配置的 ClaimsAuthorizationManager。There is no ClaimsAuthorizationManager configured.
授权检查已失败。The authorization check failed.
示例
下面的示例演示如何使用方法保护资源 CheckAccess 。The following example shows how to protect a resource by using the CheckAccess method. 将调用配置的声明授权管理器来评估当前主体是否针对指定的资源和操作。The configured claims authorization manager is invoked to evaluate the current principal against the specified resource and action. 如果未对指定资源的指定操作授权当前主体,则 SecurityException 将引发; 否则,执行将继续。If the current principal is not authorized for the specified action on the specified resource, a SecurityException is thrown; otherwise, execution proceeds.
//
// Method 1. Simple access check using static method.
// Expect this to be most common method.
//
ClaimsPrincipalPermission.CheckAccess("resource", "action");
注解
主体必须针对指定资源的指定操作进行授权,否则 SecurityException 会引发异常。The principal must be authorized for the specified action on the specified resource or the SecurityException exception is thrown.
ClaimsAuthorizationManager.CheckAccess配置的声明授权管理器的方法是使用 AuthorizationContext 活动主体 (CurrentPrincipal) 、资源和操作的组合来调用的。The ClaimsAuthorizationManager.CheckAccess method of the configured claims authorization manager is invoked with an AuthorizationContext composed of the active principal (CurrentPrincipal), the resource, and the action.