SharePoint 2010自定义声明提供程序

Question

All,

I've recently tried to implement a custom claims provider inside SharePoint 2010. The claims get populated with some business logic from a database.

The claims appear to be making it on to the users. Which is a good first step.

The next step was to check to see if the people picker worked.

The PeoplePicker can search and resolve the name if you click the "Check Names" button. HOWEVER... If you go into the PeoplePicker, and click Browse, then search for your claim, and select it and add it to the "Add" box, then click OK. Nothing happens, nothing is added to the Grant Permissions box. Alternatively, if you just type in a claim and click the "check names" button, it will resolve it fine, but if you click OK, it blanks out the field and says its required. Alternatively again, if you type in the claim and NOT click the "check names" button and just click "OK", you get an error message stating: The parameter loginName cannot be empty or bigger than 251 characters.

So in implementing the SPClaimProvider, there are 2 FillResolve methods, one that accepts a string, and one that accepts an SPClaim. The one that accepts an SPClaim NEVER gets called, ever. Which I believe, if I understand right, is the one that does the final resolving to apply the security based off the claim in SharePoint.

I've tried to be as detailed as possible without providing code, but please let me know whatever you need to know to help resolve this issue.

Thanks In Advance, Scott

Answer 1

I know this is an old question, but I came across it and thought I could help the next person. I usually see this effect "Click OK" and it goes away when I have an claim in the SPClaimProvider that is not in the Trusted Identity Provider (TIP). For a claim to be chained from the Secure Token Service to the SharePoint system, it must be in the TIP. If not SharePoint just discards it.

Hope that helps someone.