AuthorizationResult Class
[WCF RIA Services Version 1 Service Pack 2 is compatible with either .NET framework 4 or .NET Framework 4.5, and with either Silverlight 4 or Silverlight 5.]
Contains the results of an authorization request.
Namespace: System.ComponentModel.DataAnnotations
Assembly: System.ServiceModel.DomainServices.Server (in System.ServiceModel.DomainServices.Server.dll)
The AuthorizationResult type exposes the following members.
You use the Allowed field to represent a successful authorization request. Any instance of this class that is not Nothing or Allowed represents an authorization request that has been denied.
An instance of this class that contains Nothing can indicate authorization approval. You should always use the Allowed value rather than Nothing.
The following example shows an implementation of the AuthorizationAttribute that uses an AuthorizationContext value to customize authentication.
Public Class CheckAttendeeNameAttribute Inherits System.Web.DomainServices.AuthorizationAttribute Public Overrides Function Authorize(ByVal principal As System.Security.Principal.IPrincipal) As Boolean If (principal.IsInRole("Attendee") And principal.Identity.Name.StartsWith("A")) Then Return True Else Return False End If End Function End Class
Public Class RestrictAccessToAssignedManagers Inherits AuthorizationAttribute Protected Overrides Function IsAuthorized(ByVal principal As System.Security.Principal.IPrincipal, ByVal authorizationContext As System.ComponentModel.DataAnnotations.AuthorizationContext) As System.ComponentModel.DataAnnotations.AuthorizationResult Dim eph As EmployeePayHistory Dim selectedEmployee As Employee Dim authenticatedUser As Employee eph = CType(authorizationContext.Instance, EmployeePayHistory) Using context As New AdventureWorksEntities() selectedEmployee = context.Employees.SingleOrDefault(Function(e) e.EmployeeID = eph.EmployeeID) authenticatedUser = context.Employees.SingleOrDefault(Function(e) e.LoginID = principal.Identity.Name) End Using If (selectedEmployee.ManagerID = authenticatedUser.EmployeeID) Then Return AuthorizationResult.Allowed Else Return New AuthorizationResult("Only the authenticated manager for the employee can add a new record.") End If End Function End Class
public class RestrictAccessToAssignedManagers : AuthorizationAttribute { protected override AuthorizationResult IsAuthorized(System.Security.Principal.IPrincipal principal, AuthorizationContext authorizationContext) { EmployeePayHistory eph = (EmployeePayHistory)authorizationContext.Instance; Employee selectedEmployee; Employee authenticatedUser; using (AdventureWorksEntities context = new AdventureWorksEntities()) { selectedEmployee = context.Employees.SingleOrDefault(e => e.EmployeeID == eph.EmployeeID); authenticatedUser = context.Employees.SingleOrDefault(e => e.LoginID == principal.Identity.Name); } if (selectedEmployee.ManagerID == authenticatedUser.EmployeeID) { return AuthorizationResult.Allowed; } else { return new AuthorizationResult("Only the authenticated manager for the employee can add a new record."); } } }
