.NET Framework Class Library
ClaimTypes Class

Represents the pre-defined types of claims that an entity can claim. This class cannot be inherited.

Namespace:  System.IdentityModel.Claims
Assembly:  System.IdentityModel (in System.IdentityModel.dll)
Syntax
Visual Basic (Declaration) 
Public NotInheritable Class ClaimTypes
Visual Basic (Usage) 
You do not need to declare an instance of a static class in order to access its members.
C# 
public static class ClaimTypes
Visual C++ 
public ref class ClaimTypes abstract sealed
JScript 
public final class ClaimTypes
Remarks

Use the ClaimTypes class to search for a particular type of claim in a ClaimSet or to create a claim. To search for a particular type of claim in a ClaimSet, use the FindClaims(String, String) method and use the properties of this class to specify the claim type for the claimType parameter. When the constructor for the Claim class is used to create a new claim, use the properties of the ClaimTypes class to specify the claimType parameter. For many of the claim types, the Claim class has static properties that return a claim of a specific type. For instance, the CreateHashClaim(array<Byte>[]()[]) method returns a claim using the Hash claim type.
Examples
Visual Basic 
Imports System
Imports System.Collections.Generic
Imports System.Security.Cryptography.X509Certificates
Imports System.IdentityModel.Claims
Imports System.IdentityModel.Policy
Imports System.IdentityModel.Tokens
Imports System.IdentityModel.Selectors
Imports System.ServiceModel


' Service class that implements the service contract.
<ServiceBehavior(IncludeExceptionDetailInFaults:=True)> _
Public Class EchoService
    Implements IEchoService
    <ServiceContract()> _
    Public Interface IEchoService
        : Inherits IDisposable
        <OperationContract()> _
        Function Echo() As String
    End Interface 'IEchoService

    Public Function Echo() As String Implements IEchoService.Echo
        Dim userName As String = String.Empty
        Dim certificateSubjectName As String = String.Empty
        GetCallerIdentities(OperationContext.Current.ServiceSecurityContext, userName, certificateSubjectName)
        Return String.Format("Hello {0}, {1}", userName, certificateSubjectName)

    End Function 'Echo


    Public Sub Dispose() Implements IDisposable.Dispose

    End Sub 'Dispose




    Function TryGetClaimValue(Of TClaimResource)(ByVal claimSet As ClaimSet, ByVal claimType As String, ByRef resourceValue As TClaimResource) As Boolean
        Dim matchingClaims As IEnumerable(Of Claim) = claimSet.FindClaims(claimType, Rights.PossessProperty)
        If matchingClaims Is Nothing Then
            Return False
        End If
        Dim enumerator As IEnumerator(Of Claim) = matchingClaims.GetEnumerator()
        If enumerator.MoveNext() Then
            If enumerator.Current.Resource Is Nothing Then
                resourceValue = Nothing
            Else
                resourceValue = CType(enumerator.Current.Resource, TClaimResource)
            End If
            Return True
        Else
            Return False
        End If
    End Function
    Sub GetCallerIdentities(ByVal callerSecurityContext As ServiceSecurityContext, ByRef userName As String, ByRef certificateSubjectName As String)
        ' Returns the username and certificate subject name provided by the client.

        userName = Nothing
        certificateSubjectName = Nothing

        ' Look in all the claimsets in the authorization context.
        Dim claimSet As ClaimSet
        For Each claimSet In callerSecurityContext.AuthorizationContext.ClaimSets
            ' Try to find a Upn claim. This has been generated from the Windows username.
            Dim tmpName As String = String.Empty
            If TryGetClaimValue(Of String)(claimSet, ClaimTypes.Upn, tmpName) Then
                userName = tmpName
            Else
                ' Try to find an X500DisinguishedName claim. This has been generated from the client certificate.
                Dim tmpDistinguishedName As X500DistinguishedName = Nothing
                If TryGetClaimValue(Of X500DistinguishedName)(claimSet, ClaimTypes.X500DistinguishedName, tmpDistinguishedName) Then
                    certificateSubjectName = tmpDistinguishedName.Name
                End If
            End If
        Next claimSet

    End Sub
End Class 'EchoService
C# 
using System;
using System.Collections.Generic;
using System.Security.Cryptography.X509Certificates;
using System.IdentityModel.Claims; 
using System.IdentityModel.Policy; 
using System.IdentityModel.Tokens; 
using System.IdentityModel.Selectors;
using System.ServiceModel;

namespace Microsoft.ServiceModel.Samples.SupportingTokens
{
    [ServiceContract]
    public interface IEchoService : IDisposable
    {
        [OperationContract]
        string Echo();
    }
    // Service class that implements the service contract.
    [ServiceBehavior(IncludeExceptionDetailInFaults = true)]
    public class EchoService : IEchoService
    {
        public string Echo()
        {
            string userName;
            string certificateSubjectName;
            GetCallerIdentities(OperationContext.Current.ServiceSecurityContext, out userName, out certificateSubjectName);
            return String.Format("Hello {0}, {1}", userName, certificateSubjectName);
        }

        public void Dispose()
        {
        }


        bool TryGetClaimValue<TClaimResource>(ClaimSet claimSet, string claimType, out TClaimResource resourceValue)
            where TClaimResource : class
        {
            resourceValue = default(TClaimResource);
            IEnumerable<Claim> matchingClaims = claimSet.FindClaims(claimType, Rights.PossessProperty);
            if (matchingClaims == null)
                return false;
            IEnumerator<Claim> enumerator = matchingClaims.GetEnumerator();
            if (enumerator.MoveNext())
            {
                resourceValue = (enumerator.Current.Resource == null) ? null : (enumerator.Current.Resource as TClaimResource);
                return true;
            }
            else
            {
                return false;
            }
        }

        // Returns the username and certificate subject name provided by the client.
        void GetCallerIdentities(ServiceSecurityContext callerSecurityContext, out string userName, out string certificateSubjectName)
        {
            userName = null;
            certificateSubjectName = null;

            // Look in all the claimsets in the authorization context.
            foreach (ClaimSet claimSet in callerSecurityContext.AuthorizationContext.ClaimSets)
            {
                // Try to find a Upn claim. This has been generated from the windows username.
                string tmpName;
                if (TryGetClaimValue<string>(claimSet, ClaimTypes.Upn, out tmpName))
                {
                    userName = tmpName;
                }
                else
                {
                    // Try to find an X500DisinguishedName claim. This has been generated from the client certificate.
                    X500DistinguishedName tmpDistinguishedName;
                    if (TryGetClaimValue<X500DistinguishedName>(claimSet, ClaimTypes.X500DistinguishedName, out tmpDistinguishedName))
                    {
                        certificateSubjectName = tmpDistinguishedName.Name;
                    }
                }
            }
        }
    }
}
Inheritance Hierarchy
System..::.Object
  System.IdentityModel.Claims..::.ClaimTypes
Thread Safety
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Version Information

.NET Framework

Supported in: 3.5, 3.0
See Also

Reference

ClaimTypes Members
System.IdentityModel.Claims Namespace
Tags :


Page view tracker