我怎么去授权的MVC 2？ [英] How do I go about Authorization in MVC 2?

问题描述

我怎么去授权的MVC 2？

How do I go about Authorization in MVC 2?

我想用AD组/角色，而不是所提供的缺省值。这似乎是AspNetSqlMembershipProvider。

I want to use AD groups/roles rather than the default that is provided. That seems to be "AspNetSqlMembershipProvider".

反正我把：

[Authorize(Users = "username")]
        public ActionResult About()
        {
            ViewData["Welcome"] = "Welcome About";

            return View();
        }

然后加载页面给我：连接名称ApplicationServices'在未找到
该应用程序的配置或连接字符串是空的。

And then loading the page gives me: The connection name 'ApplicationServices' was not found in the applications configuration or the connection string is empty.

Line 34:       <providers>
Line 35:         <clear />
Line 36:         <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
Line 37:       </providers>
Line 38:     </membership>

我读<一个href=\"http://stackoverflow.com/questions/6192475/using-mvcs-authorizeattribute-with-multiple-groups-of-roles\">this计算器，但创建扩展 ActionFilterAttribute ContextCache，国际奥委会和一些其他事情的自定义类 AuthorizationAttribute 之后无法解析，并没有真正知道从哪里从那里去。我也看了这个计算器以及它表明不同绕了，开始获得糊涂了。

I read this stackoverflow, but after creating a custom class AuthorizationAttribute extending ActionFilterAttribute ContextCache, IoC and a number of other things could not resolve, and not really sure where to go from there. I also read this stackoverflow and it suggests going about it differently, starting to get confused.

我如何去使用AD组，而不是 AspNetSqlMembershipProvider 在MVC应用程序？

How do I go about using AD groups rather than AspNetSqlMembershipProvider in MVC app ?

奖金的问题：说我有一个编辑按钮的页面。我可以添加逻辑来决定是否根据授权渲染这个按钮？

Bonus question: Say I have a "Edit" button a page. Can I add logic to decide whether to render this button based on the Authorization ?

感谢您的帮助。

编辑：一些进一步的信息

我不打算阻止或允许所有访问这个网站。

I do not intend to block or allow ALL access to this site.

我打算有3个基本的用户群区分的访问级别，即超级管理员，管理员，
基本访问。

I intend to have 3 basic user groups differentiating level of access, i.e. Super Admin, Admin, Basic Access.

将不会有日志的形式，当用户点击该网站，我们将检查用户OF-然后页面呈现基于成员的群组。

There will be no log in form, when the user hits the site we will check which group the user is a member of- then the page renders based on that.

因此​​，例如，用户鲍勃在基本访问组将达到页面和按钮/像编辑行为，删除被禁用，所以基本上只读组。但是用户群超级管理员吉姆，有提供给他的一切行动/按钮。我怎么能做到这一点？

So for example, user 'bob' in 'Basic Access' group will hit the page and buttons/actions like "Edit", "Delete" are disabled, so basically a read only group. But user 'jim' in group 'Super Admin', has all actions/buttons available to him. How could I achieve this ?

推荐答案

您应该考虑的 Windows身份验证

还是用授权属性在你的控制器/动作，而是将网站配置为使用Windows身份验证来代替。

Still use the Authorize attribute on your controllers/actions, but configure your site to use Windows Authentication instead.

奖金回答：要检查在code认证和授权，可以使用从控制器执行下列操作之一：

Bonus answer: To check authentication and authorization in code, you can use one of the following from a controller:

this.User.Identity.IsAuthenticated
this.User.Identity.Name
this.User.IsInRole("roleName")

这篇关于我怎么去授权的MVC 2？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！