AuthorizationContext Class
[WCF RIA Services Version 1 Service Pack 2 is compatible with either .NET framework 4 or .NET Framework 4.5, and with either Silverlight 4 or Silverlight 5.]
Describes the context in which an authorization is being performed.
Namespace: System.ComponentModel.DataAnnotations
Assembly: System.ServiceModel.DomainServices.Server (in System.ServiceModel.DomainServices.Server.dll)
The AuthorizationContext type exposes the following members.
| Name | Description | |
|---|---|---|
![]() | AuthorizationContext(IServiceProvider) | Initializes a new instance of the AuthorizationContext class as a template. |
![]() | AuthorizationContext(Object, String, String, AuthorizationContext) | Initializes a new instance of the AuthorizationContext class with the specified instance, operation, operation type and authorization context. |
![]() | AuthorizationContext(Object, String, String, IServiceProvider, IDictionary<Object, Object>) | Initializes a new instance of the AuthorizationContext class with the specified instance, operation, operation type, service provider, and items. |
| Name | Description | |
|---|---|---|
![]() | Instance | Gets the object instance being authorized. |
![]() | Items | Gets the dictionary of key/value pairs associated with this context. |
![]() | Operation | Gets the name of the operation being authorized. |
![]() | OperationType | Gets a string value that describes the type of operation being authorized. |
![]() | ServiceContainer | Gets an IServiceContainer that can be used for adding, removing, and getting services used for authorization. |
| Name | Description | |
|---|---|---|
![]() | Dispose | Releases all resources used by the current instance of the AuthorizationContext class. |
![]() | Equals | (Inherited from Object.) |
![]() | Finalize | (Inherited from Object.) |
![]() | GetHashCode | (Inherited from Object.) |
![]() | GetService | Returns a service of the specified service type. |
![]() | GetType | (Inherited from Object.) |
![]() | MemberwiseClone | (Inherited from Object.) |
![]() | ToString | (Inherited from Object.) |
This class contains information describing the instance and the operation being authorized. It implements IDisposable and must be properly disposed after use. It supports IServiceProvider so that custom validation code can acquire additional services to help it perform its validation.
An Items property bag is available for additional contextual information about the authorization. Values stored in Items will be available to authorization methods that use this AuthorizationContext.
This class also provides an IServiceContainer implementation to allow developers to add services to the context at run time. This container is available by calling the GetService method and providing the type of IServiceContainer or by using the ServiceContainer property.
The type of the object in the Instance property is the type of the entity involved in the operation. For query operations, the Instance property is null.
The following example shows an implementation of the AuthorizationAttribute that uses an AuthorizationContext value to customize authentication.
Public Class CheckAttendeeNameAttribute Inherits System.Web.DomainServices.AuthorizationAttribute Public Overrides Function Authorize(ByVal principal As System.Security.Principal.IPrincipal) As Boolean If (principal.IsInRole("Attendee") And principal.Identity.Name.StartsWith("A")) Then Return True Else Return False End If End Function End Class
public class CheckAttendeeNameAttribute : System.Web.DomainServices.AuthorizationAttribute { public override bool Authorize(System.Security.Principal.IPrincipal principal) { if (principal.IsInRole("Attendee") && principal.Identity.Name.StartsWith("A")) { return true; } else { return false; } } }
public class RestrictAccessToAssignedManagers : AuthorizationAttribute { protected override AuthorizationResult IsAuthorized(System.Security.Principal.IPrincipal principal, AuthorizationContext authorizationContext) { EmployeePayHistory eph = (EmployeePayHistory)authorizationContext.Instance; Employee selectedEmployee; Employee authenticatedUser; using (AdventureWorksEntities context = new AdventureWorksEntities()) { selectedEmployee = context.Employees.SingleOrDefault(e => e.EmployeeID == eph.EmployeeID); authenticatedUser = context.Employees.SingleOrDefault(e => e.LoginID == principal.Identity.Name); } if (selectedEmployee.ManagerID == authenticatedUser.EmployeeID) { return AuthorizationResult.Allowed; } else { return new AuthorizationResult("Only the authenticated manager for the employee can add a new record."); } } }
