Represents a claim.
Assembly: mscorlib (in mscorlib.dll)
Initializes a new instance of theclass with the specified reader, and subject.
Initializes a new instance of theclass.
Initializes a new instance of theclass with the specified security claim, and subject.
Initializes a new instance of theclass with the specified claim type, and value.
|Claim(String, String, String)|
Initializes a new instance of theclass with the specified claim type, value, and value type.
|Claim(String, String, String, String)|
Initializes a new instance of theclass with the specified claim type, value, value type, and issuer.
|Claim(String, String, String, String, String)|
Initializes a new instance of theclass with the specified claim type, value, value type, issuer, and original issuer.
|Claim(String, String, String, String, String, ClaimsIdentity)|
Initializes a new instance of theclass with the specified claim type, value, value type, issuer, original issuer and subject.
Gets the issuer of the claim.
Gets the original issuer of the claim.
Gets a dictionary that contains additional properties associated with this claim.
Gets the subject of the claim.
Gets the claim type of the claim.
Gets the value of the claim.
Gets the value type of the claim.
Returns a newobject copied from this object. The new claim does not have a subject.
Returns a newobject copied from this object. The subject of the new claim is set to the specified ClaimsIdentity.
Determines whether the specified object is equal to the current object.(Inherited from Object.)
Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)
Serves as the default hash function. (Inherited from Object.)
Returns a string representation of this Object.ToString().)object.(Overrides
Writes thisto the writer.
A claim is a statement about a subject by an issuer. Claims represent attributes of the subject that are useful in the context of authentication and authorization operations. Subjects and issuers are both entities that are part of an identity scenario. Some typical examples of a subject are: a user, an application or service, a device, or a computer. Some typical examples of an issuer are: the operating system, an application. a service, a role provider, an identity provider, or a federation provider. An issuer delivers claims by issuing security tokens, typically through a Security Token Service (STS). (In WIF, you can build an STS by deriving from the SecurityTokenService class.) On occasion, the collection of claims received from an issuer can be extended by subject attributes stored directly at the resource. A claim can be evaluated to determine access rights to data and other secured resources during the process of authorization and can also be used to make or express authentication decisions about a subject.
Beginning with .NET 4.5, the Windows Identity Foundation (WIF) classes, which implement claims-based identity, have been fully integrated into the .NET Framework. The claims concept is implemented by theclass.
The following describes important properties of theclass:
The Type property is a string (typically a URI) that contains the semantic information about the claim; it tells you what the value of the claim means. For example, a claim with a claim type of GivenName (“http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname”) represents a user’s first name. The value of the Type property can be one of the well-known claim types defined in the ClaimTypes class, or it can be an arbitrary URI as defined by the issuer. For example, a claim type of “urn:spendinglimit” might represent a user attribute which makes sense within the business context of the issuer.
The Value property contains the value of the claim. In order to reduce dependencies and simplify administration, in WIF the value of a claim is represented only as a string. For more complex value types, it is recommended that you use standard XML schema types to indicate how the value is meant to be serialized into and deserialized from a string.
The ValueType property contains a string that identifies the type information for the value. This property should be used to understand the format of the value and to provide information about how to deserialize it. If your solution requires complex value types, it is recommended that you use standard XML schema types in the ValueType property to indicate how the Value property is meant to be serialized into and deserialized from a string.
The Subject property is a ClaimsIdentity object that represents the subject of the claim. The subject of the claim is the entity (typically the user who is requesting access to a resource) about which the claim is asserted. The ClaimsIdentity contains, among its properties, a collection of claims that describe the properties and attributes of the subject as attested to by one or more issuers.
The Issuer property contains the name of the entity that issued the claim. The issuer of a claim is represented in WIF by a string that contains a name taken from a list of well-known issuers that is maintained by the issuer name registry. The issuer name registry is an instance of a class that derives from the IssuerNameRegistry class. The issuer name registry associates a mnemonic name to the cryptographic material needed to verify the signatures of tokens produced by the corresponding issuer. For example, the ConfigurationBasedIssuerNameRegistry class, available out of the box with .NET 4.5, associates the mnemonic name for each issuer with its corresponding X.509 certificate. The list of well-known issuers is typically built at startup time by the issuer name registry. The list used by the ConfigurationBasedIssuerNameRegistry is specified in the application configuration file.
The OriginalIssuer property contains the name of the entity that originally issued the claim. This property is designed to facilitate scenarios where a claim may pass through multiple issuers before it is presented by the client to the RP application; such as federation scenarios. You can examine the OriginalIssuer property to determine the entity that originally issued the claim. The name is taken from the list of well-known issuers maintained by the issuer name registry, as in the case of the Issuer property.
Available since 10
Available since 4.5
Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.