tags:

views:

35

answers:

1
Q: 

Getting claims on the client

I have implemented a WCF service that exposes operations that a Windows Forms client consumes. In the service, I am using claims-based authorization with a custom AuthorizationPolicy in which I insert my custom Claimset based on the principal identity before the operation code runs. The operations then require certain Claims within the Claimset in order to run.

So, given this, what is the best way to get the custom set of Claims on the client? I need this so that the client can do things like enable or disable buttons based on the authorization policy. Ideally, the client would need this information in advance of calling any of the operations (like on form load). So do I create a special operation that returns a Claimset object populated with the Claims that the client can use for UI decisions? Or is there some better built in pattern?

A: 

We do this as two calls to the server.

The first is: Does the user have the rights. In our case we send in a list of rights, and get a list back where each "right" is marked with a true or false.

The client uses this information to draw the UI.

When the actual call comes in, we recheck that the user has the right to make the call, in case someone has by passed the UI.

Shiraz Bhaiji  2009-08-23 17:20:36
Thanks Shiraz. So the call to evaluate the claims is something you implement - there is a not a built in way to do it? I ended up doing something similar except that the service method I created returns that call's entire ClaimSet. That way, the client can cache the service's ClaimSet and can evaluate anything it wants locally at any time without having to make additional service calls.
MarkB  2009-09-06 14:31:02
Yes, the call to evaluate the claims is something that we implement.
Shiraz Bhaiji  2009-09-06 14:38:36

related questions

Dynamic programming with WCF
WCF Service Returning "Method Not Allowed"
Exceptions in Web Services
What SPN do I need to set for a net.tcp service?
How do I unit test a WCF service?
Best practices for versioning your services with WCF?
Lazy Loading with a WCF Service Domain Model?
How many ServiceContracts can a WCF Service have?
How can I authenticate using client credentials in WCF just once?
WCF - Domain Objects and IExtensibleDataObject
InvalidOperationException while creating wcf web service instance
Closing and Disposing a WCF Service
What WCF best practices do you follow in object model design?
WCF push to client through firewall?
Loading System.ServiceModel configuration section using ConfigurationManager
I would like some tips for debugging WCF Web Service exceptions
What's the best way to authenticate over WCF?
Good Reads for Distributed Systems
.Net - Returning DataTables in WCF
What is the easiest way to add compression to WCF in Silverlight?
WCF Backward Compatibility Issue
Best Practices for securing a REST API / web service
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
WCF - High availability