AuthorizationContext Class
The result of evaluating all authorization policies available from the tokens in the sent message and by calling the GetAuthorizationPolicies method.
Namespace: System.IdentityModel.Policy
Assembly: System.IdentityModel (in System.IdentityModel.dll)
The AuthorizationContext type exposes the following members.
| Name | Description | |
|---|---|---|
 | AuthorizationContext | Initializes a new instance of the AuthorizationContext class. |
| Name | Description | |
|---|---|---|
| ClaimSets | Gets the set of claims associated with an authorization policy. |
| ExpirationTime | Gets the date and time at which this AuthorizationContext object is no longer valid. |
| Id | Gets a unique identifier for this AuthorizationContext object. |
| Properties | Gets a collection of non-claim properties associated with this AuthorizationContext object. |
| Name | Description | |
|---|---|---|
| CreateDefaultAuthorizationContext | Evaluate all of the specified authorization policies and create an AuthorizationContext. |
| Equals(Object) | Determines whether the specified object is equal to the current object. (Inherited from Object.) |
| Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
| GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
| GetType | Gets the Type of the current instance. (Inherited from Object.) |
| MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
| ToString | Returns a string that represents the current object. (Inherited from Object.) |
Evaluating all of the authorization policies in an authorization manager results in a set of ClaimSet objects. These objects make up an authorization context.
An authorization context contains a set of claim set objects, an expiration time that specifies the span of time during which the authorization context is valid, and a unique identifier.
The AuthorizationContext for the current operation can be accessed via the AuthorizationContext property.
protected override bool CheckAccessCore(OperationContext operationContext) { // Extract the action URI from the OperationContext. Match this against the claims // in the AuthorizationContext. string action = operationContext.RequestContext.RequestMessage.Headers.Action; Console.WriteLine("action: {0}", action); // Iterate through the various claim sets in the AuthorizationContext. foreach(ClaimSet cs in operationContext.ServiceSecurityContext.AuthorizationContext.ClaimSets) { // Examine only those claim sets issued by System. if (cs.Issuer == ClaimSet.System) { // Iterate through claims of type "http://example.org/claims/allowedoperation". foreach (Claim c in cs.FindClaims("http://example.org/claims/allowedoperation", Rights.PossessProperty)) { // Write the Claim resource to the console. Console.WriteLine("resource: {0}", c.Resource.ToString()); // If the Claim resource matches the action URI then return true to allow access. if (action == c.Resource.ToString()) return true; } } } // If this point is reached, return false to deny access. return false; }
Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
