AuthorizationResult Class
[WCF RIA Services Version 1 Service Pack 2 is compatible with either .NET framework 4 or .NET Framework 4.5, and with either Silverlight 4 or Silverlight 5.]
Contains the results of an authorization request.
Namespace: System.ComponentModel.DataAnnotations
Assembly: System.ServiceModel.DomainServices.Server (in System.ServiceModel.DomainServices.Server.dll)
The AuthorizationResult type exposes the following members.
You use the Allowed field to represent a successful authorization request. Any instance of this class that is not null or Allowed represents an authorization request that has been denied.
An instance of this class that contains null can indicate authorization approval. You should always use the Allowed value rather than null.
The following example shows an implementation of the AuthorizationAttribute that uses an AuthorizationContext value to customize authentication.
Public Class CheckAttendeeNameAttribute Inherits System.Web.DomainServices.AuthorizationAttribute Public Overrides Function Authorize(ByVal principal As System.Security.Principal.IPrincipal) As Boolean If (principal.IsInRole("Attendee") And principal.Identity.Name.StartsWith("A")) Then Return True Else Return False End If End Function End Class
public class CheckAttendeeNameAttribute : System.Web.DomainServices.AuthorizationAttribute { public override bool Authorize(System.Security.Principal.IPrincipal principal) { if (principal.IsInRole("Attendee") && principal.Identity.Name.StartsWith("A")) { return true; } else { return false; } } }
public class RestrictAccessToAssignedManagers : AuthorizationAttribute { protected override AuthorizationResult IsAuthorized(System.Security.Principal.IPrincipal principal, AuthorizationContext authorizationContext) { EmployeePayHistory eph = (EmployeePayHistory)authorizationContext.Instance; Employee selectedEmployee; Employee authenticatedUser; using (AdventureWorksEntities context = new AdventureWorksEntities()) { selectedEmployee = context.Employees.SingleOrDefault(e => e.EmployeeID == eph.EmployeeID); authenticatedUser = context.Employees.SingleOrDefault(e => e.LoginID == principal.Identity.Name); } if (selectedEmployee.ManagerID == authenticatedUser.EmployeeID) { return AuthorizationResult.Allowed; } else { return new AuthorizationResult("Only the authenticated manager for the employee can add a new record."); } } }
