This post is a quick guide to extend SAF.
1. To create new authorizer (e.g. Authorization Attribute):
Easiest way to create new attributes is to inherit from Grand, Deny, or Custom attributes.
Authorizers are not limited to attributes. In general any authorizer should implement IAuthorizationContainer which contains an IEnumerable of IPrincipleAuthorizer.
All you need to extent the authorizers is to implement IPrincipleAuthorizer with your custom authorization logic.
2. Extend Authorization Rule Provider. If you don’t want to use the provided attribute based authorization rules, you can implement IAuthorizationRuleProvide with your own rules. For example, you may want to use database to get your authorization rules from it. In this case you implement the GetAuthorizers() and GetPropertyAuthorizers() methods of the authorization to generate your IPrincipalAuthorizers from database.
3. Extend AuthorizationContext. Authorization context depends to two providers: It needs 1) a rule provider, and 2) a principal provider. The principal provider. You can extend the context by writing these providers.