I'm new to the Claims Security approach for authorizing users access to resources. I've been doing a lot of research and the majority of sites I've read have the policies for ClaimsAuthorizationManager entered in Web.config file. What are some ways to accomplish this? Can you point me to some links where policies are served from a database? Thanks.
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
I also ran into the same problem. Hopefully these links will help you. What I did was implemented my own ClaimsAuthorizationManager to get the claims for the current user and used Thinktecture.IdentityModel for claims checks.
http://www.codeproject.com/Claims-Based-Authentication-and-Authorization
http://evolvingtechie.wordpress.com/misc/identity-and-access-management/claims-authorization-in-geneva-beta-2-%E2%80%93-introduction/
http://www.contentmaster.com/windows-communication-foundation/implementing-customizable-claims-based-authorization-with-windows-identity-foundation/
This has some snippets you can use. https://github.com/maniserowicz/claims-talk/tree/master/Claims.WG.NET/_snippets
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 太酷不给撩 的文章《ClaimsAuthorizationManager pull policies from data》','https://www.manongdao.com/article-696843.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}