ClaimsIdentity 類別

定義

代表宣告式身分識別。Represents a claims-based identity.

public ref class ClaimsIdentity : System::Security::Principal::IIdentity
public class ClaimsIdentity : System.Security.Principal.IIdentity
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
public class ClaimsIdentity : System.Security.Principal.IIdentity
type ClaimsIdentity = class
    interface IIdentity
[<System.Runtime.InteropServices.ComVisible(true)>]
[<System.Serializable>]
type ClaimsIdentity = class
    interface IIdentity
Public Class ClaimsIdentity
Implements IIdentity
繼承
ClaimsIdentity
衍生
屬性
實作

備註

ClaimsIdentity類別是宣告式身分識別的具體執行,也就是宣告集合所描述的身分識別。The ClaimsIdentity class is a concrete implementation of a claims-based identity; that is, an identity described by a collection of claims. 「宣告」(claim)是有關簽發者所建立之實體的聲明,描述該實體的屬性、許可權或其他品質。A claim is a statement about an entity made by an issuer that describes a property, right, or some other quality of that entity. 這類實體稱為宣告的主體。Such an entity is said to be the subject of the claim. 宣告是由 Claim 類別表示。A claim is represented by the Claim class. 中包含的宣告 ClaimsIdentity 會描述對應身分識別所代表的實體,而且可以用來進行授權和驗證決策。The claims contained in a ClaimsIdentity describe the entity that the corresponding identity represents, and can be used to make authorization and authentication decisions. 以宣告為基礎的存取模型有許多優點,優於依賴角色的傳統存取模型。A claims-based access model has many advantages over more traditional access models that rely exclusively on roles. 例如,宣告可以提供更豐富的身分識別資訊,並可透過更明確的方式評估授權或驗證。For example, claims can provide much richer information about the identity they represent and can be evaluated for authorization or authentication in a far more specific manner.

從 .NET Framework 4.5 開始,Windows Identity Foundation (WIF) 和宣告式身分識別已完全整合到 .NET Framework 中。Beginning with .NET Framework 4.5, Windows Identity Foundation (WIF) and claims-based identity have been fully integrated into the .NET Framework. 這表示 .NET Framework 中代表身分識別的許多類別現在都是衍生自 ClaimsIdentity ,並透過宣告的集合來描述其屬性。This means that many classes that represent an identity in the .NET Framework now derive from ClaimsIdentity and describe their properties through a collection of claims. 這不同于舊版的 .NET Framework,在此版本中,這些類別會直接實作為 IIdentity 介面。This is different from previous versions of the .NET Framework, in which, these classes implemented the IIdentity interface directly. 描述身分識別的宣告集合可透過屬性來存取 ClaimsThe collection of claims that describe the identity can be accessed through the Claims property. ClaimsIdentity類別提供數種方法來尋找和修改宣告,並且完全支援 (LINQ) 的語言整合式查詢。The ClaimsIdentity class provides several methods for finding and modifying claims and fully supports language integrated queries (LINQ). 在應用程式程式碼中, ClaimsIdentity 通常會透過物件存取物件, ClaimsPrincipal 例如,由傳回的主體 Thread.CurrentPrincipalIn application code, ClaimsIdentity objects are typically accessed through ClaimsPrincipal objects; for example, the principal returned by Thread.CurrentPrincipal.

注意

ClaimsPrincipal類別 Claims 也有屬性。The ClaimsPrincipal class has a Claims property as well. 在大部分的情況下,您應該透過 ClaimsPrincipal.Claims 集合(而不是透過集合)來存取使用者的宣告 ClaimsIn the majority of cases you should access the user's claims through the ClaimsPrincipal.Claims collection rather than through the Claims collection. ClaimsIdentity只有當主體包含一個以上的 ClaimsIdentity ,且您需要評估或修改特定的身分識別時,才需要存取個人的宣告。You will need to access the claims of an individual ClaimsIdentity only in the cases where the principal contains more than one ClaimsIdentity and you need to evaluate or modify a specific identity.

重要

若要加入或移除集合中的宣告 Claims ,呼叫端必須具有完全信任。To add or remove claims from the Claims collection, a caller must have full trust.

在以宣告為基礎的模型中, IIdentity.Name 會藉 IPrincipal.IsInRole(String) 由評估身分識別所包含的宣告來實作為屬性和方法。In the claims-based model, the IIdentity.Name property and the IPrincipal.IsInRole(String) method are implemented by evaluating the claims contained by an identity. 以宣告為基礎的模型中的基底實作為由 ClaimsIdentity.Name 屬性和方法所提供 ClaimsPrincipal.IsInRoleThe base implementations in the claims-based model are provided by the ClaimsIdentity.Name property and the ClaimsPrincipal.IsInRole method. NameClaimTypeRoleClaimType 屬性可讓您指定在執行這些作業時,應該用來評估身分識別所包含之宣告的宣告類型。The NameClaimType and RoleClaimType properties enable you to specify a claim type that should be used to evaluate the claims contained by the identity when performing these operations.

您可以透過和屬性來支援委派案例 Actor BootstrapContextDelegation scenarios are supported through the Actor and BootstrapContext properties.

建構函式

ClaimsIdentity()

使用空的宣告集合,初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class with an empty claims collection.

ClaimsIdentity(BinaryReader)

使用指定的 BinaryReader,初始化 ClaimsIdentity 的執行個體。Initializes an instance of ClaimsIdentity with the specified BinaryReader.

ClaimsIdentity(ClaimsIdentity)

從現有的 ClaimsIdentity 執行個體初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class from an existing ClaimsIdentity instance.

ClaimsIdentity(IEnumerable<Claim>)

使用 ClaimsIdentity 物件的列舉集合,初始化 Claim 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class using an enumerated collection of Claim objects.

ClaimsIdentity(IEnumerable<Claim>, String)

使用指定的宣告和驗證類型,初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class with the specified claims and authentication type.

ClaimsIdentity(IEnumerable<Claim>, String, String, String)

使用指定的宣告、驗證類型、名稱宣告類型,以及角色宣告類型,初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class with the specified claims, authentication type, name claim type, and role claim type.

ClaimsIdentity(IIdentity)

使用名稱和驗證類型,從指定的 ClaimsIdentity 初始化 IIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class using the name and authentication type from the specified IIdentity.

ClaimsIdentity(IIdentity, IEnumerable<Claim>)

使用指定的宣告和指定的 ClaimsIdentity,初始化 IIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class using the specified claims and the specified IIdentity.

ClaimsIdentity(IIdentity, IEnumerable<Claim>, String, String, String)

從指定的 ClaimsIdentity,使用指定的宣告、驗證類型、名稱宣告型別,以及角色宣告類型,初始化 IIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class from the specified IIdentity using the specified claims, authentication type, name claim type, and role claim type.

ClaimsIdentity(SerializationInfo)

從使用 ISerializable 建立的序列化資料流,初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class from a serialized stream created by using ISerializable.

ClaimsIdentity(SerializationInfo, StreamingContext)

從使用 ISerializable 建立的序列化資料流,初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class from a serialized stream created by using ISerializable.

ClaimsIdentity(String)

使用空白宣告集合和指定的驗證類型,初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class with an empty claims collection and the specified authentication type.

ClaimsIdentity(String, String, String)

使用指定的驗證類型、宣告類型和角色宣告類型,初始化 ClaimsIdentity 類別的新執行個體。Initializes a new instance of the ClaimsIdentity class with the specified authentication type, name claim type, and role claim type.

欄位

DefaultIssuer

預設核發者:「本機授權單位」。The default issuer; "LOCAL AUTHORITY".

DefaultNameClaimType

預設名稱宣告型別;Name.The default name claim type; Name.

DefaultRoleClaimType

預設角色宣告型別;Role.The default role claim type; Role.

屬性

Actor

取得或設定已授與委派權限之呼叫方的識別。Gets or sets the identity of the calling party that was granted delegation rights.

AuthenticationType

取得驗證類型。Gets the authentication type.

BootstrapContext

取得或設定用來建立此宣告識別的權杖。Gets or sets the token that was used to create this claims identity.

Claims

取得與此宣告識別相關聯的宣告。Gets the claims associated with this claims identity.

CustomSerializationData

包含衍生類型所提供的任何其他資料。Contains any additional data provided by a derived type. 通常會在呼叫 WriteTo(BinaryWriter, Byte[]) 時設定。Typically set when calling WriteTo(BinaryWriter, Byte[]).

IsAuthenticated

取得值,指出識別是否已經驗證。Gets a value that indicates whether the identity has been authenticated.

Label

取得或設定此宣告識別的標籤。Gets or sets the label for this claims identity.

Name

取得這個宣告識別的名稱。Gets the name of this claims identity.

NameClaimType

取得宣告型別,用來判斷哪些宣告為這個宣告識別的 Name 屬性提供值。Gets the claim type that is used to determine which claims provide the value for the Name property of this claims identity.

RoleClaimType

在此宣告身分識別的宣告中,取得將解譯為 .NET 角色的宣告型別。Gets the claim type that will be interpreted as a .NET role among the claims in this claims identity.

方法

AddClaim(Claim)

將單一宣告加入至這個宣告識別。Adds a single claim to this claims identity.

AddClaims(IEnumerable<Claim>)

將宣告清單加入至這個宣告識別。Adds a list of claims to this claims identity.

Clone()

傳回從這個宣告識別複製的新 ClaimsIdentityReturns a new ClaimsIdentity copied from this claims identity.

CreateClaim(BinaryReader)

提供衍生類型的擴充點來建立自訂 ClaimProvides an extensibility point for derived types to create a custom Claim.

Equals(Object)

判斷指定的物件是否等於目前的物件。Determines whether the specified object is equal to the current object.

(繼承來源 Object)
FindAll(Predicate<Claim>)

擷取符合指定述詞的所有宣告。Retrieves all of the claims that are matched by the specified predicate.

FindAll(String)

擷取具有指定宣告型別的所有宣告。Retrieves all of the claims that have the specified claim type.

FindFirst(Predicate<Claim>)

擷取符合指定述詞的第一個宣告。Retrieves the first claim that is matched by the specified predicate.

FindFirst(String)

擷取含指定宣告型別的第一個宣告。Retrieves the first claim with the specified claim type.

GetHashCode()

做為預設雜湊函式。Serves as the default hash function.

(繼承來源 Object)
GetObjectData(SerializationInfo, StreamingContext)

將序列化目前 SerializationInfo 物件所需的資料填入 ClaimsIdentityPopulates the SerializationInfo with data needed to serialize the current ClaimsIdentity object.

GetType()

取得目前執行個體的 TypeGets the Type of the current instance.

(繼承來源 Object)
HasClaim(Predicate<Claim>)

判斷這個宣告識別是否具有與指定之述詞相符的宣告。Determines whether this claims identity has a claim that is matched by the specified predicate.

HasClaim(String, String)

判斷這個宣告識別是否具有含指定之型別及值的宣告。Determines whether this claims identity has a claim with the specified claim type and value.

MemberwiseClone()

建立目前 Object 的淺層複製。Creates a shallow copy of the current Object.

(繼承來源 Object)
RemoveClaim(Claim)

嘗試從宣告識別移除宣告。Attempts to remove a claim from the claims identity.

ToString()

傳回代表目前物件的字串。Returns a string that represents the current object.

(繼承來源 Object)
TryRemoveClaim(Claim)

嘗試從宣告識別移除宣告。Attempts to remove a claim from the claims identity.

WriteTo(BinaryWriter)

使用 BinaryWriter 序列化。Serializes using a BinaryWriter.

WriteTo(BinaryWriter, Byte[])

使用 BinaryWriter 序列化。Serializes using a BinaryWriter.

適用於

另請參閱