0 out of 2 rated this helpful - Rate this topic

ClaimTypes Class

.NET Framework 4.5

Other Versions

Represents the pre-defined types of claims that an entity can claim. This class cannot be inherited.

Inheritance Hierarchy

System.Object
System.IdentityModel.Claims.ClaimTypes

Namespace: System.IdentityModel.Claims
Assembly: System.IdentityModel (in System.IdentityModel.dll)

Syntax

C++

public static class ClaimTypes

The ClaimTypes type exposes the following members.

Properties

	Name	Description
	Anonymous	Gets the URI for a claim that specifies the anonymous user.
	Authentication	Gets the URI for a claim that specifies details about whether an identity is authenticated.
	AuthorizationDecision	Gets the URI for a claim that specifies an authorization decision on an entity.
	Country	Gets the URI for a claim that specifies the country/region in which an entity resides.
	DateOfBirth	Gets the URI for a claim that specifies the date of birth of an entity.
	DenyOnlySid	Gets the URI for a claim that specifies a deny-only security identifier (SID) for an entity.
	Dns	Gets the URI for a claim that specifies the DNS name associated with the computer name or with the alternative name of either the subject or issuer of an X.509 certificate.
	Email	Gets the URI for a claim that specifies the email address of an entity.
	Gender	Gets the URI for a claim that specifies the gender of an entity.
	GivenName	Gets the URI for a claim that specifies the given name of an entity.
	Hash	Gets the URI for a claim that specifies a hash value.
	HomePhone	Gets the URI for a claim that specifies the home phone number of an entity.
	Locality	Gets the URI for a claim that specifies the locale in which an entity resides.
	MobilePhone	Gets the URI for a claim that specifies the mobile phone number of an entity.
	Name	Gets the URI for a claim that specifies the name of an entity.
	NameIdentifier	Gets the URI for a claim that specifies the name of an entity.
	OtherPhone	Gets the URI for a claim that specifies the alternative phone number of an entity.
	PostalCode	Gets the URI for a claim that specifies the postal code of an entity.
	PPID	Gets the URI for a claim that specifies the private personal identifier (PPI) of an entity.
	Rsa	Gets the URI for a claim that specifies an RSA key.
	Sid	Gets the URI for a claim that specifies a security identifier (SID).
	Spn	Gets the URI for a claim that specifies a service principal name (SPN) claim.
	StateOrProvince	Gets the URI for a claim that specifies the state or province in which an entity resides.
	StreetAddress	Gets the URI for a claim that specifies the street address of an entity.
	Surname	Gets the URI for a claim that specifies the surname of an entity.
	System	Gets the URI for a claim that identifies the system entity.
	Thumbprint	Gets the URI for a claim that specifies a thumbprint.
	Upn	Gets the URI for a claim that specifies a user principal name (UPN).
	Uri	Gets the URI for a claim that specifies a URI.
	Webpage	Gets the URI for a claim that specifies the Web page of an entity.
	X500DistinguishedName	Gets the string that contains the URI for a distinguished name claim of an X.509 certificate.

Top

Remarks

Use the ClaimTypes class to search for a particular type of claim in a ClaimSet or to create a claim. To search for a particular type of claim in a ClaimSet, use the FindClaims(String, String) method and use the properties of this class to specify the claim type for the claimType parameter. When the constructor for the Claim class is used to create a new claim, use the properties of the ClaimTypes class to specify the claimType parameter. For many of the claim types, the Claim class has static properties that return a claim of a specific type. For instance, the CreateHashClaim(Byte[]) method returns a claim using the Hash claim type.

Examples


using System;
using System.Collections.Generic;
using System.Security.Cryptography.X509Certificates;
using System.IdentityModel.Claims; 
using System.IdentityModel.Policy; 
using System.IdentityModel.Tokens; 
using System.IdentityModel.Selectors;
using System.ServiceModel;

namespace Microsoft.ServiceModel.Samples.SupportingTokens
{
    [ServiceContract]
    public interface IEchoService : IDisposable
    {
        [OperationContract]
        string Echo();
    }
    // Service class that implements the service contract.
    [ServiceBehavior(IncludeExceptionDetailInFaults = true)]
    public class EchoService : IEchoService
    {
        public string Echo()
        {
            string userName;
            string certificateSubjectName;
            GetCallerIdentities(OperationContext.Current.ServiceSecurityContext, out userName, out certificateSubjectName);
            return String.Format("Hello {0}, {1}", userName, certificateSubjectName);
        }

        public void Dispose()
        {
        }


        bool TryGetClaimValue<TClaimResource>(ClaimSet claimSet, string claimType, out TClaimResource resourceValue)
            where TClaimResource : class
        {
            resourceValue = default(TClaimResource);
            IEnumerable<Claim> matchingClaims = claimSet.FindClaims(claimType, Rights.PossessProperty);
            if (matchingClaims == null)
                return false;
            IEnumerator<Claim> enumerator = matchingClaims.GetEnumerator();
            if (enumerator.MoveNext())
            {
                resourceValue = (enumerator.Current.Resource == null) ? null : (enumerator.Current.Resource as TClaimResource);
                return true;
            }
            else
            {
                return false;
            }
        }

        // Returns the username and certificate subject name provided by the client. 
        void GetCallerIdentities(ServiceSecurityContext callerSecurityContext, out string userName, out string certificateSubjectName)
        {
            userName = null;
            certificateSubjectName = null;

            // Look in all the claimsets in the authorization context. 
            foreach (ClaimSet claimSet in callerSecurityContext.AuthorizationContext.ClaimSets)
            {
                // Try to find a Upn claim. This has been generated from the windows username. 
                string tmpName;
                if (TryGetClaimValue<string>(claimSet, ClaimTypes.Upn, out tmpName))
                {
                    userName = tmpName;
                }
                else
                {
                    // Try to find an X500DisinguishedName claim. This has been generated from the client certificate.
                    X500DistinguishedName tmpDistinguishedName;
                    if (TryGetClaimValue<X500DistinguishedName>(claimSet, ClaimTypes.X500DistinguishedName, out tmpDistinguishedName))
                    {
                        certificateSubjectName = tmpDistinguishedName.Name;
                    }
                }
            }
        }
    }
}

Version Information

.NET Framework

Supported in: 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Platforms

Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Reference

System.IdentityModel.Claims Namespace

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)