ASP.NET Framework中基于自定义策略的授权 [英] Custom Policy-Based Authorization in ASP.NET Framework

问题描述

我正在将ASP.NET API与.NET Framework 4.7.1结合使用

I'm using ASP.NET API with .NET Framework 4.7.1

我正在寻找基于策略的自定义授权.此文档介绍了针对.NET Core的基于策略的自定义授权，但是如何为.NET框架实现呢?

And I'm looking for custom policy-based authorization. This document described custom policy-based authorization for .NET core, but how could I implement it for .NET framework?

推荐答案

有一个Nuget包，它将基于策略的授权反向移植到.NET Framework 4.

There is a Nuget package that backports the Policy-based authorization to .NET Framework 4.

您可以根据需要使用 Microsoft.Owin.Security.Authorization.Mvc 或 Microsoft.Owin.Security.Authorization.WebApi 包.这两个软件包都将为您带来链接文档中所述的相同功能.

You can use Microsoft.Owin.Security.Authorization.Mvc or Microsoft.Owin.Security.Authorization.WebApi package, depending on what you need. Both packages will bring you the same functionalities described in the document you linked.

例如:

using Owin;
using Microsoft.Owin;
using Microsoft.Owin.Security.Authorization.Infrastructure;
using System.IdentityModel.Claims;

[assembly: OwinStartup(typeof(Startup))]
namespace Concep.Platform.WebApi.App_Start
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            app.UseAuthorization(options =>
            {
                options.AddPolicy("AbleToCreateUser", policy => policy.RequireClaim(JwtClaimTypes.Role, "Manager"));
            });
        }

    }
}

来源: https://vladimirgeorgiev.com/blog/policy-based-authorization-in-asp-net-4/

这篇关于ASP.NET Framework中基于自定义策略的授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！