Using Custom Claims in Web Application Policies in SharePoint 2010

Had kind of an interesting question that someone just asked me so I thought I would share the results here with everyone.  The question was whether you could take a custom claim that is provided by augmentation via a custom claims provider, and use it as part of a web application policy that you create in central admin.  Well, I just did a quick test and found that it worked fine.  I created a Full Read policy on one of my web applications to anyone who had DKV Jovenut as their favorite basketball team.  It created the policy without problems in central admin.  I then went to a site collection in that web app where I hadn't granted anyone rights outside of the site collection admin.  I tried logging in as a random user that had the DKV Jovenut claim for favorite basketball team and they were able to log into the site.  I also went into a document library and confirmed that they could see documents but not upload new ones.  So, good question, and it appears we work in this scenario just fine.

Comments (1)

  1. alexandrad9x says:

Skip to main content