WPF应用程式安全性 [英] WPF app security
问题描述
我正在编写一个简单的WPF客户端应用程序,而不是ASP.NET.我正在寻找访问该应用程序的最佳安全性实践.我要这样做,以便在客户端上安装该应用程序后,如果该用户在Active Directory下进行了身份验证, 有访问权限,如果没有,那么他们将没有访问权限.下一步是在Active Directory中放置该应用程序的对象,以便我可以控制对该应用程序或该应用程序某些区域的访问. 请向我介绍最佳做法,示例等.
I'm writing a simple WPF client app, not ASP.NET. I'm looking for best practices for security for accessing the app. I want to make it so that after I install the app on the client, if the user is authenticated under Active Directory, they would have access, if not, then they wouldn't. The next step is to put in an object for the app in Active Directory so that I could control access to the app or certain areas of the app. Please point me to the Best Practices, examples, etc.
Thx
推荐答案
如果您确实需要具有角色(或组)的能力,并且您正在使用.NET 3.5,则可以利用新添加的Active Directory API来简化一切,即
If you do require the ability to get Roles (or Groups) and you are working with .NET 3.5 then you can take advantage of the new Active Directory API added that makes everything much easier, namelySystem.DirectoryServices.AccountManagement. For the most basic of Membership and Role services you'll want to have the following to create your own basic MembershipProvider and RoleProvider:
- RoleProvider.GetAllRoles()-使用新的GroupPrincipal()作为新 RoleProvider.IsUserInrole()-使用 FindByIdentity() 方法 要获取用户,请使用 GroupPrincipal . FindByIdentity() to 获取组,然后使用
- MembershipProvider.ValidateUser() - should use PrincipalContext.ValidateCredentials()
- RoleProvider.GetAllRoles() - use a new GroupPrincipal() as a source to a new PrincipalSearcher()
- RoleProvider.IsUserInrole() - use UserPrincipal.FindByIdentity() method to get a user, useGroupPrincipal.FindByIdentity() to get the group, then use the IsMemberOf() method on the user to see if they're a member of the group.
您可以根据需要实现尽可能少的API,您应该在新的AccountManagement命名空间中找到所需的一切.
You can implement as little or as much of the API as needed, you should find everything you need in the new AccountManagement namespace to do this.
这篇关于WPF应用程式安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
