If you miss the first part, you can refer to http://www.pascalbonheur.com/2010/03/claims-based-authorization-in-sharepoint-2010-real-life-example-part-1/. This will help you to understand the context of what we are going to speak about.

In our first article, I explained that some custom claims will be built (Years, School…) and they will be used to secure access to sites.

In order to do that, the first thing is to extend the People Picker to allow users to choose Year 2006 and then assign a permission to this Claim. By doing this, all the users that will be able to present the Claim Year 2006 (ie. all the users whose Year is 2006 in the STUDENTS_DB) will be able to connect to the site.

The following picture gives you an overview of the customized People Picker:

image

By doing this, users can select the Year (Annee 2002, sorry for the French ;) ) and then you can assign a permission:

image

In order to build the tree, the FillHierarchy function has to bee written.

protected override void FillHierarchy(Uri context, string[] entityTypes, string hierarchyNodeID, int numberOfLevels, SPProviderHierarchyTree hierarchy)

{

if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole))

return;

if(hierarchyNodeID == null)

{

//when it first loads add all our nodes

hierarchy.AddChild(new

Microsoft.SharePoint.WebControls.SPProviderHierarchyNode(

CSMBClaims.ProviderInternalName,

"Annees","Annees",

false));

}

}

Also, when a user select the entity from the tree, SharePoint recall the custom claim provider to resolve it:

protected override void FillResolve(Uri context, string[] entityTypes, string resolveInput, List<PickerEntity> resolved)
       { 

                   PickerEntity pe = ….

                   resolved.Add(pe);
              

       }

In the next part, I will explain the search part and also give more details about the function to Enrich the claims.