Skip to main content
BuyLog In
XAF: Cross-Platform .NET App UI & Web API
Search in…
Docs > API Reference > DevExpress.ExpressApp.Security.Authentication > WindowsActiveDirectoryAuthenticationProviderEvents > Properties > OnCustomizeClaims
All docs
V23.2
.NET 6.0+
  • The page you are viewing does not exist in the .NET Framework 4.5.2+ platform documentation. This link will take you to the parent topic of the current section.
XAF: Cross-Platform .NET App UI & Web API
Getting Started
Installation, Upgrade, Version History
Backend Web API Service
UI Shell and Base Infrastructure
Storage, ORM, and Business Model Design
Data Manipulation and Business Logic
User Interface and Behavior Customization
Data Filtering
Application Security and Data Safety
Multi-Tenancy (Data per Tenant)
Validation (Prevent Data Errors)
Conditional Appearance (Manage State of UI Elements)
Reporting (Shape, Export & Print Data)
Analytics (Extract Data Insights)
Document Management
Business Process Management
Event Planning
Localization
Accessibility Support
Debugging, Testing and Error Handling
Deployment
Support, QA & Troubleshooting
API Reference
DevExpress.EasyTest.Framework
DevExpress.EntityFrameworkCore.Security
DevExpress.ExpressApp
DevExpress.ExpressApp.Actions
DevExpress.ExpressApp.ApplicationBuilder
DevExpress.ExpressApp.AspNetCore
DevExpress.ExpressApp.AuditTrail
DevExpress.ExpressApp.Blazor
DevExpress.ExpressApp.Blazor.ApplicationBuilder
DevExpress.ExpressApp.Blazor.Editors
DevExpress.ExpressApp.Blazor.Editors.Grid
DevExpress.ExpressApp.Blazor.Editors.Models
DevExpress.ExpressApp.Blazor.Services
DevExpress.ExpressApp.Blazor.SystemModule
DevExpress.ExpressApp.Blazor.Templates.Navigation
DevExpress.ExpressApp.Chart
DevExpress.ExpressApp.Chart.Win
DevExpress.ExpressApp.CloneObject
DevExpress.ExpressApp.ConditionalAppearance
DevExpress.ExpressApp.Core
DevExpress.ExpressApp.Dashboards
DevExpress.ExpressApp.Dashboards.Blazor
DevExpress.ExpressApp.Dashboards.Blazor.Components
DevExpress.ExpressApp.Dashboards.Blazor.Components.Models
DevExpress.ExpressApp.Dashboards.Blazor.Controllers
DevExpress.ExpressApp.Dashboards.Blazor.Services
DevExpress.ExpressApp.Dashboards.Win
DevExpress.ExpressApp.Data
DevExpress.ExpressApp.DC
DevExpress.ExpressApp.DC.ClassGeneration
DevExpress.ExpressApp.Editors
DevExpress.ExpressApp.EFCore
DevExpress.ExpressApp.FileAttachments.Blazor
DevExpress.ExpressApp.FileAttachments.Win
DevExpress.ExpressApp.Filtering
DevExpress.ExpressApp.Kpi
DevExpress.ExpressApp.Layout
DevExpress.ExpressApp.MiddleTier
DevExpress.ExpressApp.Model
DevExpress.ExpressApp.Model.Core
DevExpress.ExpressApp.Model.NodeGenerators
DevExpress.ExpressApp.ModelEditor
DevExpress.ExpressApp.Notifications
DevExpress.ExpressApp.Notifications.Win
DevExpress.ExpressApp.Office
DevExpress.ExpressApp.Office.Blazor
DevExpress.ExpressApp.Office.Win
DevExpress.ExpressApp.PivotChart
DevExpress.ExpressApp.PivotChart.Win
DevExpress.ExpressApp.PivotGrid
DevExpress.ExpressApp.PivotGrid.Win
DevExpress.ExpressApp.ReportsV2
DevExpress.ExpressApp.ReportsV2.Blazor
DevExpress.ExpressApp.ReportsV2.Services
DevExpress.ExpressApp.ReportsV2.Win
DevExpress.ExpressApp.Scheduler
DevExpress.ExpressApp.Scheduler.Blazor
DevExpress.ExpressApp.Scheduler.Blazor.Editors
DevExpress.ExpressApp.Scheduler.Win
DevExpress.ExpressApp.ScriptRecorder
DevExpress.ExpressApp.ScriptRecorder.Win
DevExpress.ExpressApp.Security
DevExpress.ExpressApp.Security.Adapters
DevExpress.ExpressApp.Security.Authentication
WindowsActiveDirectoryAuthenticationProviderEvents
Members
Constructors
Properties
CustomCreateUser
OnCustomizeClaims
Methods
WindowsActiveDirectoryAuthenticationProviderOptions
WindowsAuthenticationOptions
DevExpress.ExpressApp.Security.ClientServer
DevExpress.ExpressApp.Security.ClientServer.Wcf
DevExpress.ExpressApp.Security.ClientServer.WebApi
DevExpress.ExpressApp.Security.EF.Adapters
DevExpress.ExpressApp.Security.Strategy
DevExpress.ExpressApp.Security.Xpo.Adapters
DevExpress.ExpressApp.Services.Localization
DevExpress.ExpressApp.StateMachine
DevExpress.ExpressApp.SystemModule
DevExpress.ExpressApp.Templates
DevExpress.ExpressApp.Templates.ActionContainers
DevExpress.ExpressApp.TreeListEditors
DevExpress.ExpressApp.TreeListEditors.Win
DevExpress.ExpressApp.Updating
DevExpress.ExpressApp.Utils
DevExpress.ExpressApp.Validation
DevExpress.ExpressApp.Validation.Win
DevExpress.ExpressApp.ViewVariantsModule
DevExpress.ExpressApp.WebApi.Services
DevExpress.ExpressApp.Win
DevExpress.ExpressApp.Win.ApplicationBuilder
DevExpress.ExpressApp.Win.Core
DevExpress.ExpressApp.Win.Editors
DevExpress.ExpressApp.Win.Model
DevExpress.ExpressApp.Win.SystemModule
DevExpress.ExpressApp.Win.Templates
DevExpress.ExpressApp.Win.Templates.Navigation
DevExpress.ExpressApp.Win.Utils
DevExpress.ExpressApp.Xpo
DevExpress.ExpressApp.Xpo.Utils
DevExpress.Persistent.AuditTrail
DevExpress.Persistent.Base
DevExpress.Persistent.Base.General
DevExpress.Persistent.Base.ReportsV2
DevExpress.Persistent.Base.Security
DevExpress.Persistent.BaseImpl
DevExpress.Persistent.BaseImpl.AuditTrail.Services
DevExpress.Persistent.BaseImpl.EF
DevExpress.Persistent.BaseImpl.EF.PermissionPolicy
DevExpress.Persistent.BaseImpl.PermissionPolicy
DevExpress.Persistent.Validation
Download CHM

WindowsActiveDirectoryAuthenticationProviderEvents.OnCustomizeClaims Property

Specifies a delegate method that allows you to customize the set of claims added to the authentication cookie.

Namespace: DevExpress.ExpressApp.Security.Authentication

Assembly: DevExpress.ExpressApp.Security.v23.2.dll

NuGet Package: DevExpress.ExpressApp.Security

Declaration

public Action<WindowsPrincipalCustomizeClaimContext> OnCustomizeClaims { get; set; }

Property Value

Type Description
Action<DevExpress.ExpressApp.Security.WindowsPrincipalCustomizeClaimContext>

A delegate method that takes a context object as an argument.

Remarks

Use this property in an ASP.NET Core Blazor application to customize claims added to the authentication cookie when Active Directory authentication is used as an optional authentication method.

Note

When Active Directory authentication is used as the default authentication method, the client passes user identity information to the server with each request. In this instance, an authentication cookie is not used, so the OnCustomizeClaims delegate method is never called.

The specified delegate method is called after the user authentication succeeds and before the authentication cookie is issued. In the delegate method, you can customize the list of claims added to the cookie. You can also access the principal object and copy the required claims from it.

To keep the cookie small, only the claims of the following types are copied from the principal object (the default setting):

  • ClaimTypes.Name
  • ClaimTypes.NameIdentifier

The code sample below demonstrates how to add a claim of the ClaimTypes.PrimaryGroupSid type to the authentication cookie.

File: MySolution.WebApi\startup.cs (MySolution.Blazor.Server\startup.cs)

using System.Security.Claims;
// ...
services.AddXaf(Configuration, builder => {
    // ...
    builder.Security
        .AddWindowsAuthentication(options => {
            options.CreateUserAutomatically();
            options.Events.OnCustomizeClaims = context => {
                Claim primaryGroupSid = context.Principal.Claims.First(claim => claim.Type == ClaimTypes.PrimaryGroupSid);
                context.Claims.Add(primaryGroupSid);
            };
        });
        // ...
});

Access Claims

You can use one of the following techniques to access claims from an ASP.NET Core Blazor application’s code at runtime:

  • Use the DevExpress.ExpressApp.Security.IPrincipalProvider service’s User.Claims property.
  • In an MVC controller, you can use the controller’s User.Claims property. In middleware, use the HttpContext’s context.User.Claims property.

The code sample below demonstrates how to implement a custom Controller that injects the IPrincipalProvider service and uses it to access claims:

File: MySolution.Blazor.Server\Controllers\MyController.cs

using System.Security.Claims;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.Security;

namespace MainDemo.Blazor.Server.Controllers {
    public class MyController : ViewController {
        readonly IPrincipalProvider principalProvider;

        public MyController() { }

        [ActivatorUtilitiesConstructor]
        public MyController(IServiceProvider serviceProvider) : this() {
            principalProvider = serviceProvider.GetRequiredService<IPrincipalProvider>();
            var _claimsPrincipal = (ClaimsPrincipal)principalProvider.User;
            var customClaim = _claimsPrincipal.FindFirst(c => c.Type == "CustomClaim");
            if(customClaim != null && customClaim.Value == "ClaimValue") {
                Active.SetItemValue("CustomClaim", false);
            }
        }
    }
}
See Also