ASP.NET身份 - 混淆[授权]和RoleManager [英] ASP.NET Identity - Confusion about [Authorize] And RoleManager
问题描述
我一直在关注有关创建新的ASP.NET识别系统定制的存储提供商这一职位,至今它已被证明非常丰富;
I have been following this post on creating a custom "storage provider" for the new ASP.NET Identity system, and so far it has proven very informative;
我不使用MySQL,我使用RavenDB - 是的,我已经在现有的RavenDB身份提供看在那里 - 那是不是我的问题。我的问题自带的 IUserRoleStore< IdentityUser> ,然后 IdentityRole ,以及 Rolestore的。
I am not using MySQL, I am using RavenDB - and yes, I have already looked at the available RavenDB Identity Providers out there - that isn't really my issue. My issue comes with the IUserRoleStore<IdentityUser> and then the IdentityRole, as well as RoleStore.
我看到他们得到创造的 - 我甚至看到他们如何访问数据,看是否有用户在作用,等等。但是后来,我刚才看到这个..
I see them get created - I even see how they access data to see if a user is in a role, etc. But then later, I just see this ..
[Authorize(Roles = "Admin")]
public AccountController : Controller {
/// ... etc .etc..
}
这是我在哪里得到彻底丢失。我已经看过了数十座和几十个新的ASP.NET识别系统的教程,我不能在什么点东西变得与 AuthorizeAttribute 相关弄清楚。它怎么知道使用 Rolestore的我做?它怎么知道使用 IdentityRole 我做?它是什么验证对?
This is where I am getting outright lost. I have looked up dozens and dozens and dozens of tutorials on the new ASP.NET Identity system and I cannot figure out at what point something becomes associated with the AuthorizeAttribute. How does it know to use the RoleStore I made? How does it know to use the IdentityRole I made? What is it verifying against?
所有这些都是我找不到任何地方,它是一种驾驶我的疯狂。一切,我觉得一直堵到实体框架,这是不是我想用什么 - 它只是方式开箱,他们似乎停止瞒着你如何确保授权就像你想让它。
These are all things I cannot find anywhere, and it is driving me kind of batty. Everything I find keeps plugging into Entity Framework, which isn't what I want to use - and it is just that way out of the box, and they seem to stop without telling you how to make sure the Authorize works like you want it to.
推荐答案
该授权属性不知道ASP.NET身份,或任何其它身份系统什么。它只是简单地用的IPrincipal 的MVC框架为你设置和的IIdentity 接口工作。
The Authorize attribute doesn't know anything about ASP.NET Identity, or any other identity system. It simply works with IPrincipal and IIdentity interfaces that the MVC framework sets up for you.
ASP.NET身份使用 ClaimsIdentity 对象,它实现了的IIdentity 。
ASP.NET Identity uses a ClaimsIdentity object, which implements IIdentity.
于是框架,通过的UserManager创建一个身份验证票证。当一个页面加载,加载这个身份验证票证,解密它,并创造必要的本金和身份和角色的对象。
So the Framework, via the UserManager creates an authentication ticket. When a page loads, it loads this authentication ticket, decrypts it, and creates the necessary principal and identity and role objects.
然后,授权属性基本上只是检查 User.IsInRole(嗒嗒)当你说
Then, the Authorize attribute just basically checks User.IsInRole("Blah") when you say
[授权(角色=嗒嗒)]
这篇关于ASP.NET身份 - 混淆[授权]和RoleManager的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
