C#-System.IdentityModel.Policy.IAuthorizationPolicy过时了吗?

根据这篇msdn文章,接口IAuthorizationPolicy是使用wcf时注入自定义授权逻辑/自定义声明的方式.

https://msdn.microsoft.com/en-us/library/ms729851(v=vs.110).aspx

但是,根据该接口,似乎某些已使用的类“几乎已过时”
http://msdn.microsoft.com/en-us/library/system.identitymodel.claims%28v=vs.110%29.aspx

The System.IdentityModel.Claims namespace contains classes that
implement the Windows Communication Foundation (WCF) claims-based
identity authorization model. This model includes the Claim class and
the ClaimSet class. Beginning with .NET Framework 4.5 and the
integration of Windows Identity Foundation (WIF) into the .NET
Framework, the WCF claims-based identity model has been superseded by
WIF. WIF provides a claims-based identity object model that can be
used to provide authentication and authorization across several
Microsoft product stacks, including the CLR, WCF, and ASP.NET. The WIF
classes that represent claims, claim types, and identities and
principals that are based on claims are contained in the
System.Security.Claims namespace. Beginning with .NET 4.5, these
classes should be used instead of those in the
System.IdentityModel.Claims namespace.

查看WIF类,似乎似乎无法替代IAuthorizationPolicy,但是可以从scatch(claimsAuthenticationManager / claimsAuthorizationManager)编写自定义身份验证和授权逻辑.建议的方法是什么?

谢谢您的意见

解决方法:

是的,它们已被.NET 4.5中引入的“新”标识管道弃用.

现在,ClaimsAuthenticationManager是可扩展性点,可在到达服务代码之前向主体添加声明. ClaimsAuthorizationManager可用于隔离授权策略(例如,与ClaimsPrincipalPermission类结合使用).

无耻的插头:
http://www.pluralsight.com/courses/iac-wcf

上一篇:c#-ASP网络身份-索赔与自定义IdentityUser


下一篇:python – 从单词列表中创建字谜列表