ClaimsPrincipalPermission.Demand 方法
定义
检查当前主体是否获得与当前实例关联的资源操作对的授权。Checks if the current principal is authorized for the resource-action pairs associated with the current instance.
public:
virtual void Demand();
public void Demand ();
abstract member Demand : unit -> unit
override this.Demand : unit -> unit
Public Sub Demand ()
实现
例外
当前主体无法从 ClaimsPrincipal 进行分配。The current principal is not assignable from ClaimsPrincipal.
- 或 --or- 没有配置的 ClaimsAuthorizationManager。There is no ClaimsAuthorizationManager configured.
授权检查已失败。The authorization check failed.
示例
下面的示例演示如何使用方法保护资源 Demand 。The following example shows how to protect a resource by using the Demand method. 将调用配置的声明授权管理器来评估当前主体是否针对指定的资源和操作。The configured claims authorization manager is invoked to evaluate the current principal against the specified resource and action. 如果未对指定资源的指定操作授权当前主体,则 SecurityException 将引发; 否则,执行将继续。If the current principal is not authorized for the specified action on the specified resource, a SecurityException is thrown; otherwise, execution proceeds.
//
// Method 2. Programmatic check using the permission class
// Follows model found at http://msdn.microsoft.com/library/system.security.permissions.principalpermission.aspx
//
ClaimsPrincipalPermission cpp = new ClaimsPrincipalPermission("resource", "action");
cpp.Demand();
注解
对于与此实例关联的所有资源操作对,当前主体必须进行授权,否则将 SecurityException 引发异常。The current principal must be authorized for all of the resource-action pairs associated with this instance or the SecurityException exception is thrown.
尽管构造函数只使用单个资源和操作,但 ClaimsPrincipalPermission 可以通过和方法合并对象 Union Intersect 。Although the constructor only takes a single resource and action, ClaimsPrincipalPermission objects can be combined through the Union and Intersect methods. 通过这些方法创建的权限可能包含多个资源操作对。The permission created through these methods may contain multiple resource-action pairs.
Demand方法 ClaimsAuthorizationManager.CheckAccess 使用 AuthorizationContext 活动主体 (CurrentPrincipal) 、资源和权限中包含的每个资源操作对的操作,调用已配置的声明授权管理器的方法。The Demand method invokes the ClaimsAuthorizationManager.CheckAccess method of the configured claims authorization manager with an AuthorizationContext composed of the active principal (CurrentPrincipal), the resource, and the action for each of the resource-action pairs contained in the permission. Demand若要成功,必须针对权限中包含的所有资源操作对对活动主体授权。For the Demand to succeed the active principal must be authorized for all of the resource-action pairs that are contained in the permission.