SharePoint 2010 Role Assignment to Claims(Claim Based Authentication)

-
Claims Authentication:
Claims Authentication is a new feature in SharePoint 2010 and understanding it will assist administrators in designing and maintaining robust infrastructures and help make implementing other functionality (such as PeoplePicker) a little easier. It also provides many of the details related to setting up a trust configuration, an explanation of runtime considerations and management, configuration details, and programmatic implementations or the use of the extensibility points to turn federated access into a federated SharePoint Server 2010 business solution. 
Claims:
An identity provider makes claims about a user. A good example of an identity provider is Live ID. So Live ID will claim to have attributes and their values. For Example:
Identity Provider "provider of the attributes" contains username attribute containing Himanshu. A custom identity provider created by a hacker also contains an account with username attribute named Himanshu. Both identity providers are making claims about a user. The consumer "SharePoint 2010" must choose which claim it's going to trust. SharePoint 2010 by itself will never trust either claim without being told to do so. In order for SharePoint to use a claim, it must first trust that claim which is setup by you the SharePoint administrator. If claims are trusted, then SharePoint can authenticate and authorize over that claim.

So Here is code for setup of a claim so that sharepoint can trust.

 public static void ApplyClaims(SPWeb web, string claimValue)
        {
            SPClaimProviderManager claimMgr = SPClaimProviderManager.Local;
            if (claimMgr != null)
            {
                SPClaim claim = new SPClaim(IPMRoleClaimType, claimValue, StringTypeClaim, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, IPMClaimsIdentifier));
                string userName = claimMgr.EncodeClaim(claim);
                // SPUser spUser = web.EnsureUser(userName);
                SPUserInfo info = new SPUserInfo
                {
                    LoginName = userName,
                    Name = claimValue
                };

                 SPRoleAssignment roleAssignmentClaim = new SPRoleAssignment(info.LoginName, info.Email, info.Name, info.Notes);
                var tempNew = web.RoleDefinitions["Full Control"];
                roleAssignmentClaim.RoleDefinitionBindings.Add(tempNew);
                web.RoleAssignments.Add(roleAssignmentClaim);
            }
        }

Comments

  1. Mukesh Singh22 November 2016 at 02:16

    With the help of SQL Server Management Studio or Transact-SQL, we can grant permissions on a single or multiple stored procedure in SQL. These permissions can be granted to an existing user, database role, or application role in the database.
    Grant Permission on stored procedures

    ReplyDelete

Post a Comment

Popular posts from this blog

C# Copy files from one server to another

-
Sometimes we need to copy files from one sever and paste those files to another server programmatically. So for that we can use below code but we should have admin credentials of that server where we want to paste files. In below method we need to pass source path of the server, from where we want to copy and destination path of the server, where we want to paste. Also we need to provide UserName, Domain, Password of the server where we want to paste those files. public void CopyFiles(string sourcePath, string destinationPath)         {             try             {                  IntPtr admin_token = new IntPtr();                 // use LOGON32_LOGON_NEW_CREDENTIALS as LogonType                 if (LogonUser(" UserName ", " Domain ", " Password ", 9, 0, ref admin_token) != 0)                 {                     WindowsIdentity wid_admin = new WindowsIdentity(admin_token);                     WindowsImpersonationContext wic =
Read more

Suppress StyleCop SA1600

-
    Local Suppression: [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules",  "SA1600:ElementsMustBeDocumented", Justification = "Reviewed.  Suppression is OK here.")] for local suppression you must use namespace  using System.Diagnostics.CodeAnalysis;   OR you can also use   [System.Diagnostics.CodeAnalysis.SuppressMessage ("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1600:ElementsMustBeDocumented")]  Example:   using System.Diagnostics.CodeAnalysis;   [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1600:ElementsMustBeDocumented", Justification = "Reviewed. Suppression is OK here.")] protected void Button1_Click(object sender, EventArgs e)   {   } [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1600:ElementsMustBeDocumented", Justification = "Reviewed. Suppression is OK here.")]  protected v
Read more

Telerik Rad Grid Sorting

-
If you are using Telerik Rad Grid and also need to sort column on column's header click than for your requirement below code will help you surely. .aspx Code : <telerik:RadGrid ID="RadGrid1" runat="server" AllowSorting="True" EnableViewState="false" AutoGenerateColumns="False" OnSortCommand="RadGrid1_SortCommand"  OnNeedDataSource="RadGrid1_NeedDataSource">  <SortingSettings EnableSkinSortStyles="true" />   <MasterTableView AllowNaturalSort="false" AllowSorting="True" AutoGenerateColumns="False">     <Columns>        <telerik:GridBoundColumn DataField="Name" HeaderText="Name"  SortExpression="Name">        </telerik:GridBoundColumn>        <telerik:GridBoundColumn DataField="Address" HeaderText="Address"  SortExpression="Address">        </telerik:GridBoundColumn&g
Read more