I have a site that is using Azure ACS as our trusted identity provider. All authentication goes through this STS. ACS provides my identity claim (email) and can provide others. Additionally, I understand that I could write a custom claims provider to extend my user with even more claims.
What I'm struggling with is how I can use these claims to control authorizations within my site? I do not want to directly assign a user, by email, into a SharePoint group. Instead I would like to interrogate a claim to determine group membership.
Aucun commentaire:
Enregistrer un commentaire