ClaimsAuthenticationManager 类

定义

定义身份验证管理器的基本实现。Defines the base implementation for a claims authentication manager. 声明验证管理器在声明处理管道中提供某一位置以便将处理逻辑(筛选、验证、扩展)在执行到达您的应用程序代码之前应用于传入主体的声明集合。The claims authentication manager provides a place in the claims processing pipeline for applying processing logic (filtering, validation, extension) to the claims collection in the incoming principal before execution reaches your application code.

public ref class ClaimsAuthenticationManager : System::IdentityModel::Configuration::ICustomIdentityConfiguration
public class ClaimsAuthenticationManager : System.IdentityModel.Configuration.ICustomIdentityConfiguration
type ClaimsAuthenticationManager = class
    interface ICustomIdentityConfiguration
Public Class ClaimsAuthenticationManager
Implements ICustomIdentityConfiguration
继承
ClaimsAuthenticationManager
实现

示例

下面的代码演示了一个简单的声明身份验证管理器,它将角色声明添加到传入主体,而无需对传入声明执行任何检查。The following code shows a simple claims authentication manager that adds a role claim to the incoming principal without performing any check on the incoming claims.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

using System.Security.Claims;

namespace MyClaimsAuthenticationManager
{
    class SimpleClaimsAuthenticatonManager : ClaimsAuthenticationManager
    {
        public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal)
        {
            if (incomingPrincipal != null && incomingPrincipal.Identity.IsAuthenticated == true)
            {
                ((ClaimsIdentity)incomingPrincipal.Identity).AddClaim(new Claim(ClaimTypes.Role, "User"));
            }
            return incomingPrincipal; 
        }
    }
}

下面的 XML 显示 <claimsAuthenticationManager> 元素。The following XML shows the <claimsAuthenticationManager> element.

<system.identityModel>  
  <identityConfiguration>  
    <claimsAuthenticationManager type="MyClaimsAuthenticationManager.SimpleClaimsAuthenticatonManager, MyClaimsAuthenticationManager" />  

    ...  

  </identityConfiguration>  
</system.identityModel>  

注解

声明身份验证管理器提供应用程序声明处理管道中的一个扩展点,您可以使用该扩展点来验证、筛选、修改传入声明,或将新的声明注入到 ClaimsPrincipal 执行 RP 应用程序代码之前由提供的声明集中。The claims authentication manager provides an extensibility point in the application's claims processing pipeline that you can use to validate, filter, modify, incoming claims or inject new claims into the set of claims presented by a ClaimsPrincipal before the RP application code is executed. 如果 RP 应用程序需要,甚至可以返回的自定义实现 ClaimsPrincipalYou can even return a custom implementation of ClaimsPrincipal if your RP application requires it. 类提供的默认实现 ClaimsAuthenticationManager 返回未修改的中的声明 ClaimsPrincipal ; 不过,你可以从此类派生并重写 Authenticate 方法以修改 (中的声明 ClaimsPrincipal 或返回自定义 ClaimsPrincipal) 。The default implementation provided by the ClaimsAuthenticationManager class returns the claims in the ClaimsPrincipal unmodified; however, you can derive from this class and override the Authenticate method to modify the claims in the ClaimsPrincipal (or to return a custom ClaimsPrincipal).

创建自定义声明身份验证管理器的一个典型原因是,根据或不知道的信息添加、删除或转换声明,这可能会更好地由 RP 应用程序维护。A typical reason for creating a custom claims authentication manager is to add, remove, or transform claims based on information that is only known by or is, perhaps, better maintained by the RP application. 例如,在购物车应用程序中购买客户的历史记录可能保存在由 RP 应用程序维护的数据基础中,然后根据传入主体中找到的名称声明的值将其添加到声明身份验证管理器返回的声明主体。For example, a history of customer purchases in a shopping cart application might be kept in a data base maintained by the RP application and then added to the claims principal returned by the claims authentication manager based on the value of a name claim found in the incoming principal.

你可以通过 ClaimsAuthenticationManager claimsAuthenticationManager 元素使用类或配置,将应用程序配置为以编程方式使用, IdentityConfiguration (这是 < identityConfiguration > 元素的子元素,) 。 < > You can configure your application to use a ClaimsAuthenticationManager either programmatically by using the IdentityConfiguration class or in configuration through the <claimsAuthenticationManager> element (which is a child element of the <identityConfiguration> element). 您可以重写 LoadCustomConfiguration 方法,以便为 <claimsAuthenticationManager> 可通过其配置自定义管理器的元素的自定义子元素提供处理。You can override the LoadCustomConfiguration method to provide processing for custom child elements of the <claimsAuthenticationManager> element through which your custom manager can be configured. 的基实现 ClaimsAuthenticationManager 不处理任何子元素。The base implementation of ClaimsAuthenticationManager does not handle any child elements.

将应用程序配置为使用声明身份验证管理器可确保 Windows Identity Foundation (WIF) 从请求管道调用该应用程序。Configuring your application to use a claims authentication manager ensures that it will be invoked by Windows Identity Foundation (WIF) from the request pipeline.

构造函数

ClaimsAuthenticationManager()

初始化 ClaimsAuthenticationManager 类的新实例。Initializes a new instance of the ClaimsAuthenticationManager class.

方法

Authenticate(String, ClaimsPrincipal)

在派生中重写时,将返回与 RP 应用程序的要求一致的 ClaimsPrincipal 对象。When overridden in a derived class, returns a ClaimsPrincipal object consistent with the requirements of the RP application. 默认实现未修改传入的 ClaimsPrincipalThe default implementation does not modify the incoming ClaimsPrincipal.

Equals(Object)

确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object.

(继承自 Object)
GetHashCode()

作为默认哈希函数。Serves as the default hash function.

(继承自 Object)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(继承自 Object)
LoadCustomConfiguration(XmlNodeList)

在派生类中重写时,将从 XML 中加载自定义配置。When overridden in a derived class, loads custom configuration from XML.

MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(继承自 Object)
ToString()

返回表示当前对象的字符串。Returns a string that represents the current object.

(继承自 Object)

适用于