3.1.1.11.2.1 GetClaimsForPrincipal
procedure GetClaimsForPrincipal( pADPrincipal : ADDRESS OF DSNAME, pCertificateStringsArray : set of unicodestring, pClaimsBlob : ADDRESS OF CLAIMS_BLOB)
This procedure defines the process of generating claims for a principal in Active Directory and returning these claims as a BLOB in the wire format.
pADPrincipal: The Active Directory principal whose claims need to be generated.
pCertificateStringsArray: A set of Unicode strings.
pClaimsBlob: The output CLAIMS_BLOB structure that is filled with encoded claims.
Return Values: This procedure does not return a value.
Logical Processing:
principalClass: ObjectClass;
adSourcedClaims: CLAIMS_ARRAY;
certificateSourcedClaims: CLAIMS_ARRAY;
constructedClaims: CLAIMS_ARRAY
adSourcedAndConstructedClaims: CLAIMS_ARRAY
claimsSet : CLAIMS_SET;

principalClass := pADPrincipal^!ObjectClass.ClassId;
adSourcedClaims := null;
certificateSourcedClaims := null;
constructedClaims := null;
claimsSet := null;

GetADSourcedClaims (pADPrincipal, principalClass,
    ADDRESS OF adSourcedClaims);
GetCertificateSourcedClaims( principalClass, pCertificateStringsArray,
    ADDRESS OF certificateSourcedClaims);
GetConstructedClaims (pADPrincipal, ADDRESS OF constructedClaims);

/* Merge AD-sourced claims and constructed claims into one CLAIMS_ARRAY */
adSourcedAndConstructedClaims.usClaimsSourceType := CLAIMS_SOURCE_TYPE_AD;

if (adSourcedClaims.ulClaimsCount > 0)
    adSourcedAndConstructedClaims.ClaimsEntry := adSourcedClaims.ClaimsEntry
    adSourcedAndConstructedClaims.ulClaimsCount := adSourcedClaims.ulClaimsCount;
endif

if (constructedClaims.ulClaimsCount > 0)
    adSourcedAndConstructedClaims.ClaimsEntry[adSourcedAndConstructedClaims.ulClaimsCount] :=
        constructedClaims.ClaimsEntry;
    adSourcedAndConstructedClaims.ulClaimsCount :=
        adSourcedAndConstructedClaims.ulClaimsCount + constructedClaims.ulClaimsCount;
endif

if (adSourcedAndConstructedClaims.ulClaimsCount > 0)
    claimsSet.ulClaimsArrayCount := claimsSet.ulClaimsArrayCount + 1;
    claimsSet.ClaimsArrays.add (adSourcedAndConstructedClaims);
endif

if (certificateSourcedClaims.ulClaimsCount > 0)
    claimsSet.ulClaimsArrayCount := claimsSet.ulClaimsArrayCount + 1;
    claimsSet.ClaimsArrays.add (certificateSourcedClaims);
endif

if (claimsSet.ulClaimsArrayCount = 0)
    pClaimsBlob^ := NULL;
    return;
endif

EncodeClaimsSet(ADDRESS OF claimsSet, pClaimsblob);
return;
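The merge step above, as an added Python model (not part of the specification and not Microsoft's code). It shows what a reviewer of a decoded claims set should expect: constructed claims carry the AD source type, certificate-sourced claims sit in their own array, and an empty result means no blob at all. The function names, the reduction of each claim entry to an ID string, and the sample IDs are assumptions; EncodeClaimsSet is not modelled.

```python
from dataclasses import dataclass, field
from enum import Enum, auto
from typing import List, Optional


class SourceType(Enum):
    # Names follow the page; auto() values are placeholders, not wire values.
    CLAIMS_SOURCE_TYPE_AD = auto()
    CLAIMS_SOURCE_TYPE_CERTIFICATE = auto()


@dataclass
class ClaimsArray:
    source_type: SourceType
    entries: List[str] = field(default_factory=list)  # claim IDs only (assumption)


def build_claims_set(ad_sourced: List[str], constructed: List[str],
                     cert_sourced: List[str]) -> Optional[List[ClaimsArray]]:
    """Model of the logical processing up to, but not including, EncodeClaimsSet.

    Returns None where the procedure sets pClaimsBlob^ to NULL.
    """
    claims_set: List[ClaimsArray] = []
    # AD-sourced entries come first; constructed entries are appended after
    # them, and both end up in one array tagged CLAIMS_SOURCE_TYPE_AD.
    merged = ClaimsArray(SourceType.CLAIMS_SOURCE_TYPE_AD,
                         list(ad_sourced) + list(constructed))
    if merged.entries:
        claims_set.append(merged)
    if cert_sourced:
        claims_set.append(ClaimsArray(SourceType.CLAIMS_SOURCE_TYPE_CERTIFICATE,
                                      list(cert_sourced)))
    # An empty set is never encoded: the caller receives no blob.
    return claims_set or None


def sources_of(claims_set: Optional[List[ClaimsArray]], claim_id: str) -> List[SourceType]:
    """Source types under which claim_id appears in a built claims set."""
    return [a.source_type for a in (claims_set or []) if claim_id in a.entries]


if __name__ == "__main__":
    # Constructed sample claim IDs, not taken from any real directory.
    result = build_claims_set(["example-ad-claim"], ["example-constructed-claim"],
                              ["example-cert-claim"])
    for array in result:
        print(array.source_type.name, array.entries)
```

Because the source type alone does not separate AD-sourced from constructed claims, tooling that audits issued claims has to tell them apart by claim ID.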