Hi All,

I am developing a Web application that receives a token from a Federation server and then provides access to the correct user (e.g. access to users with User Role = 'Admin').

I have gone through the below URL and created a CheckAccess function as mentioned here.


http://msdn.microsoft.com/en-us/library/system.security.claims.claimsauthorizationmanager.checkaccess(v=vs.110).aspx?cs-save-lang=1&cs-lang=vb#code-snippet-1

Below is the CheckAccess Function:
VB
Public Overrides Function CheckAccess(context As Microsoft.IdentityModel.Claims.AuthorizationContext) As Boolean
    'Compares the web.config predefined alias with the User Role that is received from the Token
    If System.Configuration.ConfigurationManager.AppSettings.Get("UserRole") = SAMLTokenRead.Role Then
        Return True
    End If
    'Send the user to the page which displays "No Access"  page
    HttpContext.Current.Response.Redirect(System.Configuration.ConfigurationManager.AppSettings.Get("NoAccessPage"))
    Return False
End Function


(SAMLTokenRead.Role is a Property to read the User Role from the SAML Token)

I am facing a problem while calling this function from a different page.

Please suggest what is the correct way to call this function so that I can check the User role condition calling the function before providing access to the application.

These two points are a bit of a concern for me:
* I am a bit confused about the parameter that needs to be entered in the function.
* Should this function be called from Web.Config of the application?
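
One way the check described in the question can be written and called with WIF 3.5 (`Microsoft.IdentityModel`), as an added example that is not part of the original post. The class name `RoleAuthorizationManager`, the `MyApp` assembly name, the `AccessGate` helper and the use of `ClaimTypes.Role` as the claim carrying the role are assumptions; the `UserRole` app setting is the one from the post. It reads the role from the principal passed in the `AuthorizationContext` and denies by default.

```vb
Imports System
Imports System.Configuration
Imports System.Threading
Imports Microsoft.IdentityModel.Claims
Imports Microsoft.IdentityModel.Web

' Hypothetical class. WIF instantiates it when it is registered in web.config:
'   <microsoft.identityModel><service>
'     <claimsAuthorizationManager type="MyApp.RoleAuthorizationManager, MyApp" />
'   </service></microsoft.identityModel>
Public Class RoleAuthorizationManager
    Inherits ClaimsAuthorizationManager

    Public Overrides Function CheckAccess(context As AuthorizationContext) As Boolean
        Dim requiredRole As String = ConfigurationManager.AppSettings.Get("UserRole")
        ' Deny when the setting is missing or no principal was supplied.
        If String.IsNullOrEmpty(requiredRole) OrElse context.Principal Is Nothing Then
            Return False
        End If
        ' Use the claims of the principal for this request, not shared state.
        For Each identity As IClaimsIdentity In context.Principal.Identities
            If Not identity.IsAuthenticated Then Continue For
            For Each c As Claim In identity.Claims
                ' Assumption: the token carries the role as ClaimTypes.Role.
                If c.ClaimType = ClaimTypes.Role AndAlso
                   String.Equals(c.Value, requiredRole, StringComparison.Ordinal) Then
                    Return True
                End If
            Next
        Next
        Return False
    End Function
End Class

Public Module AccessGate
    ' Hypothetical helper for calling the configured manager from a page.
    ' resource and action are free-form strings describing what is requested.
    Public Function CurrentUserMayAccess(resource As String, action As String) As Boolean
        Dim principal = TryCast(Thread.CurrentPrincipal, IClaimsPrincipal)
        If principal Is Nothing Then Return False
        Dim manager = FederatedAuthentication.ServiceConfiguration.ClaimsAuthorizationManager
        Return manager.CheckAccess(New AuthorizationContext(principal, resource, action))
    End Function
End Module
```

The caller decides what to do with a `False` result, such as redirecting to the page named by the `NoAccessPage` setting.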

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


