如何根据权限限制用户访问页面 [英] how to rstrict a user to access a page according to privilege
本文介绍了如何根据权限限制用户访问页面的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
如何判断用户,当他粘贴教师网址时,会将其重定向到登录页面,反之亦然
解决方案
你正在研究身份验证和授权之间的区别。您正在寻找的是两件事,首先使用角色提供程序,然后使用AuthorizeAttribute。
关于角色提供者的MS指南在这里:
实施角色提供程序 [ ^ ]
有一篇关于CP的文章描述了一种可能的实现:
ASP.NET MVC 5身份:扩展和修改角色 [ ^ ]
最后,一旦你有了一个角色提供者,您可以通过控制器或通过AuthorizeAttribute的操作锁定项目:
[授权(角色=管理员,用户)]
public class AccountController:Controller
{
[授权(角色= Admin)]
public ActionResult DeleteAccount(){...}
}
supposre student can acces student url and teacher can access teacher url if student paste the url directy he is able to go ito the teachers the page..how to restrict
how to rstrict the user that when he paste the teachers url it will redirect him to login page and vise versa
解决方案
You're looking at the difference between Authentication and Authorization. What you're looking for is two things, first off using a Role Provider, and secondly using the AuthorizeAttribute.
The MS guidance on role Providers is here:
Implementing a Role Provider[^]
There is an article on CP that describes one possible implementation here:
ASP.NET MVC 5 Identity: Extending and Modifying Roles[^]
And finally, once you have a role provider, you can lock down items by controller or by action with the AuthorizeAttribute:
[Authorize(Roles="Admin,User")] public class AccountController : Controller { [Authorize(Roles="Admin")] public ActionResult DeleteAccount(){...} }
这篇关于如何根据权限限制用户访问页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
