由于我想在我的应用程序中添加自定义声明,因此我检查了ClaimTypes的源代码(使用JetBrains反编译器反编译)。这是它的一部分:
namespace System.Security.Claims
{
/// <summary>Defines constants for the well-known claim types that can be assigned to a subject. This class cannot be inherited.</summary>
[ComVisible(false)]
public static class ClaimTypes
{
internal const string ClaimTypeNamespace = "http://schemas.microsoft.com/ws/2008/06/identity/claims";
/// <summary>The URI for a claim that specifies the instant at which an entity was authenticated; http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant.</summary>
public const string AuthenticationInstant = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant";
/// <summary>The URI for a claim that specifies the method with which an entity was authenticated; http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod.</summary>
public const string AuthenticationMethod = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod";
/// <summary>The URI for a claim that specifies the cookie path; http://schemas.microsoft.com/ws/2008/06/identity/claims/cookiepath.</summary>
public const string CookiePath = "http://schemas.microsoft.com/ws/2008/06/identity/claims/cookiepath";
/// <summary>The URI for a claim that specifies the deny-only primary SID on an entity; http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid. A deny-only SID denies the specified entity to a securable object.</summary>
public const string DenyOnlyPrimarySid = "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid";
/// <summary>The URI for a claim that specifies the deny-only primary group SID on an entity; http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid. A deny-only SID denies the specified entity to a securable object.</summary>
public const string DenyOnlyPrimaryGroupSid = "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid";
我的问题是(我希望,这不是太傻),网址是什么?他们在其他地方使用过吗?当我尝试打开URL时,我的资源管理器说该网站未找到。所以我认为没有xml-schema或背后的东西。如果我添加自定义声明,是否还必须添加类似这些网址的内容?
这些是ClaimTypes,表示实体可以声明的预定义类型的声明。你提到的那些来自WIF,这里是IdentityModel ClaimTypes。
已知的声明类型会自动反序列化到上下文中。像http://schemas.microsoft.com/ws/2008/06/identity/claims/role一样被添加为user.roles集合的角色(用于IsInRole)。
所以类型不是随机的,而是通过规范。您可以添加自己的类型。这可以是任何字符串,但您也可以使用相同的格式。
假设您添加CustomerId作为声明,那么您需要通过claimtype="CustomerId"或您定义的uri(如http://schemas.mycompany.com/2017/06/identity/CustomerId)查询Claims集合。
您可以按代码添加声明,也可以在Identity.Claims表中插入记录。