Using Custom Claims in Web Application Policies in SharePoint 2010

Had kind of an interesting question that someone just asked me so I thought I would share the results here with everyone.  The question was whether you could take a custom claim that is provided by augmentation via a custom claims provider, and use it as part of a web application policy that you create in central admin.  Well, I just did a quick test and found that it worked fine.  I created a Full Read policy on one of my web applications to anyone who had DKV Jovenut as their favorite basketball team.  It created the policy without problems in central admin.  I then went to a site collection in that web app where I hadn’t granted anyone rights outside of the site collection admin.  I tried logging in as a random user that had the DKV Jovenut claim for favorite basketball team and they were able to log into the site.  I also went into a document library and confirmed that they could see documents but not upload new ones.  So, good question, and it appears we work in this scenario just fine.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s