Add your own Claims to your ADFS Provider

Following on from my previous blog post, “Creating your own identity provider …”, the following changes can be made to add in your own claims.

Firstly, in the App_Data\CustomSecurityTokenService.cs file of your identity provider web site, I changed the following code:

```csharp
// Always issue the Name claim for the authenticated user.
outputIdentity.Claims.Add(new Claim(System.IdentityModel.Claims.ClaimTypes.Name, principal.Identity.Name));

// Demo rule: the role and the custom Business claim are keyed off a hard-coded user name.
if (principal.Identity.Name.Equals("Steve"))
{
    outputIdentity.Claims.Add(new Claim(ClaimTypes.Role, "Administrator"));

    // Custom claim: claim type URI first, claim value second.
    outputIdentity.Claims.Add(new Claim("http://schemas.BlackMarble/Identity/Claims/Business",
                                        "Black Marble"));
}
else
{
    outputIdentity.Claims.Add(new Claim(ClaimTypes.Role, "User"));
}
```

The first parameter of the Claim constructor is the claim type and needs to be in the format of a namespace; I added this one as it was an internal name we are using.

The second parameter of the Claim constructor is the value you want to pass through.

Next, go to the AppFabric portal and add the following rule to your STS provider. Make sure that the schema string in your code exactly matches the Input Claim Type you added in your rule.

[Image: the rule added in the AppFabric portal]

Now you should be passing through the Business claim to your website. To get access to the claim use the following code:

```csharp
using System;
using System.Threading;
using Microsoft.IdentityModel.Claims;
```

```csharp
IClaimsPrincipal principal = (IClaimsPrincipal)Thread.CurrentPrincipal;
var business = "";

// Look for the custom Business claim on the first identity.
foreach (Claim claim in principal.Identities[0].Claims)
{
    if (claim.ClaimType.Equals("http://schemas.BlackMarble/Identity/Claims/Business"))
    {
        business = claim.Value;
        break;
    }
}

if (!String.IsNullOrEmpty(business))
{
    // We have a claim value for Business, so display it.
    BusinessLabel.Text = business;
}
else
{
    BusinessLabel.Text = "No business claim found";
}
```

Again, note that the claim type namespace is the same as you specified previously.
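Because the same claim type string has to appear in the STS code, the portal rule and the website, one way to avoid drift is to keep it in a single constant and read the claim through a helper that also checks who issued it. This is an added example, not code from the original site; `BusinessClaim`, `TryGet` and the `trustedIssuer` parameter are hypothetical names, and the issuer value you pass in is an assumption that depends on how your relying party names its trusted issuer.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.IdentityModel.Claims;

// Added example: hypothetical helper, not part of the original site code.
public static class BusinessClaim
{
    // Must match the string used in the STS code and the rule's Input Claim Type.
    public const string ClaimTypeUri = "http://schemas.BlackMarble/Identity/Claims/Business";

    // Returns true only when exactly one distinct Business value is present and
    // every Business claim carries the expected issuer name (trustedIssuer is an
    // assumption: pass the name your relying party assigns to its trusted issuer).
    public static bool TryGet(IClaimsPrincipal principal, string trustedIssuer, out string business)
    {
        business = null;
        if (principal == null || principal.Identities == null) return false;

        var values = new HashSet<string>(StringComparer.Ordinal);
        foreach (IClaimsIdentity identity in principal.Identities)
        {
            if (!identity.IsAuthenticated) continue;

            foreach (Claim claim in identity.Claims)
            {
                // Claim type URIs are compared exactly, including case.
                if (!string.Equals(claim.ClaimType, ClaimTypeUri, StringComparison.Ordinal)) continue;

                // A Business claim from any other issuer invalidates the result.
                if (!string.Equals(claim.Issuer, trustedIssuer, StringComparison.Ordinal)) return false;

                values.Add(claim.Value);
            }
        }

        // Missing or conflicting values are treated as "no claim".
        if (values.Count != 1) return false;
        foreach (string v in values) business = v;
        return true;
    }
}
```

In the page code this would be called with `Thread.CurrentPrincipal as IClaimsPrincipal`, falling back to the "No business claim found" text when it returns false.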

The following claims are passed through to my website:

[Image: the claims received by the website]