声明类型中的 URL 是什么 [英] what are the URLs for in claim-types
问题描述
因为我想在我的应用程序中添加自定义声明,所以我检查了 ClaimTypes 的源代码(用 JetBrains 反编译器反编译).这是其中的一部分:
Since I want to add custom claims into my application, I checked the sourcecode of ClaimTypes (decompiled with JetBrains decompiler). Here is a piece of it:
namespace System.Security.Claims
{
/// <summary>Defines constants for the well-known claim types that can be assigned to a subject. This class cannot be inherited.</summary>
[ComVisible(false)]
public static class ClaimTypes
{
internal const string ClaimTypeNamespace = "http://schemas.microsoft.com/ws/2008/06/identity/claims";
/// <summary>The URI for a claim that specifies the instant at which an entity was authenticated; http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant.</summary>
public const string AuthenticationInstant = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant";
/// <summary>The URI for a claim that specifies the method with which an entity was authenticated; http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod.</summary>
public const string AuthenticationMethod = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod";
/// <summary>The URI for a claim that specifies the cookie path; http://schemas.microsoft.com/ws/2008/06/identity/claims/cookiepath.</summary>
public const string CookiePath = "http://schemas.microsoft.com/ws/2008/06/identity/claims/cookiepath";
/// <summary>The URI for a claim that specifies the deny-only primary SID on an entity; http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid. A deny-only SID denies the specified entity to a securable object.</summary>
public const string DenyOnlyPrimarySid = "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid";
/// <summary>The URI for a claim that specifies the deny-only primary group SID on an entity; http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid. A deny-only SID denies the specified entity to a securable object.</summary>
public const string DenyOnlyPrimaryGroupSid = "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid";
我的问题是(我希望这不是太愚蠢),这些 URL 是做什么用的?它们是否在其他地方使用?当我尝试打开一个 URL 时,我的资源管理器说找不到该站点.所以我认为没有 xml-schema 或后面的东西.如果我添加自定义声明,是否还必须添加类似这些网址的内容?
My question is (and I hope, it's not too silly), what are the URLs for? Are they used somewhere else? When I try to open an URL, my explorer says that the site wasn't found. So I think there is no xml-schema or something behind. If I add my custom claims, do I have to add something like those URLs too?
推荐答案
这些是 ClaimType,表示实体可以声明的预定义声明类型.您提到的那些来自 WIF,这里是 IdentityModel 声明类型.
These are ClaimTypes, which represents the pre-defined types of claims that an entity can claim. The ones you mention are from WIF, here are the IdentityModel ClaimTypes.
已知的声明类型会自动反序列化到上下文中.像 http://schemas.microsoft.com/ws/2008/06/identity/claims/role 作为角色添加到 user.roles 集合(用于 IsInRole).
Known claimtypes are automatically deserialized into the context. Like http://schemas.microsoft.com/ws/2008/06/identity/claims/role is added as role to the user.roles collection (used for IsInRole).
所以类型不是随机的,而是由规范决定的.您可以添加自己的类型.这可以是任何字符串,但您也可以使用相同的格式.
So the types are not random, but by specification. You can add your own types. This can be any string, but you can also use the same format.
假设您添加一个 CustomerId 作为声明,那么您需要通过 claimtype="CustomerId" 或您定义的 uri(例如 <代码>http://schemas.mycompany.com/2017/06/identity/CustomerId).
Suppose you add a CustomerId as claim, then you'll need to query the Claims collection by claimtype="CustomerId", or the uri you defined (like http://schemas.mycompany.com/2017/06/identity/CustomerId).
您可以通过代码或通过在 Identity.Claims 表中插入记录来添加声明.
You can add claims by code, or by inserting records in the Identity.Claims tables.
这篇关于声明类型中的 URL 是什么的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
