This project is read-only.

Practical examples of using claims in authorization

Jul 2, 2014 at 5:34 PM
Many people in the community will benefit from these samples. Roles have their limitations. Claims are going to be the future of fine-grained authorization. More samples in this area will be helpful.
We just should not just show a MVC action being authorized by ONE SINGLE claim. Show a practical example of how we can use multiple claims, even better, how multiple claims can be logical group and create a virtual permission set etc.

Thanks in advance.
Jul 30, 2014 at 12:06 PM
I've done some proof-of-concept application which you can look at:

It is a prototype and not slick, but shows you how can you restrict MVC actions by having a claim. How you can have a role with claims and translate all claim-roles into user. Just poke about the code. SecretController is the one that is restricted by claims.