会话 Roles.AddUsertoRole 中的 asp.net 存储角色(不是我要找的?) [英] asp.net store roles in session Roles.AddUsertoRole (not what i'm looking for?)
问题描述
这是一种奇怪的表达问题的方式,但这正是我想要实现的目标.
This is a weird way to state the question, but this is what I'm trying to achieve.
这就是我要做的
连接到 MySQL 数据库(完整)
认证(完整)
选择我在 mySQL 中指定的所有角色(完整)
以某种方式存储这些角色,以便我可以根据角色成员身份显示控件和链接.
Connect to a MySQL Db(complete)
authenticate(complete)
select all the roles that I have specified in mySQL (complete)
store those roles somehow so I can display controls and links based on their role membership.
我刚刚想通了这个来处理 web.config 中的 mySQL 部分
I just got this figured out to handle the mySQL part in web.config
system.web
membership defaultProvider="MySQLMembershipProvider" /
roleManager enabled="true" defaultProvider="MySQLRoleProvider" /
/system.web
我用这个作为代码
MySqlDataReader dr2 = cmd2.ExecuteReader();
while (dr2.Read())
{
string roleName = dr2["role"].ToString();
//error here -> Roles.AddUserToRole(userID, roleName);
}
用户 ''@'localhost' 访问被拒绝(使用密码:NO)
Access denied for user ''@'localhost' (using password: NO)
Roles.AddUserToRole 真的是我想要满足我的需求的吗?我想我需要将用户角色存储在 sessio 中,不是吗?我
Is Roles.AddUserToRole really what i'm looking for to satisfy my needs. I think I need to store the user roles in the sessio don't I? I
推荐答案
Roles.AddUserToRole 真的是我想要满足我的需求的吗?我想我需要将用户角色存储在 sessio 中,不是吗?
不!将用户添加到角色意味着提供者会将用户链接到角色.由于您已经链接了用户,因此这是一个毫无价值的方向.
NO! Adding user to roles means the provider will link the user to the role. As you already have the user linked, this is a worthless direction.
以某种方式存储这些角色,以便我可以根据角色成员身份显示控件和链接
为什么需要这样做?在页面级别,您可以使用修剪设置 ASP.NET 安全性,这样如果页面不处于正确的角色中,您就可以自动从用户的视图中排除页面.至于部分/控件/等,您可以检查用户是否处于角色中,然后确定是否显示它.如果您使用部分,则可以通过声明方式而不是通过编程方式来完成大部分工作.
Why do you need to do this? At the page level, you can set up ASP.NET security with trimmings so you can automagically exclude pages from the user's view if they are not in the correct role(s). As far as sections/controls/etc, you can check to see if a user IS in a role and then determine whether or not to display it. If you use sections, a lot of this can be done declaratively rather than programmatically.
一个警告是您的会员服务提供商支持什么.开箱即用"提供程序(Access 和 SQL Server)支持用于排除页面部分等的安全修整和声明性语法.如果 MySQL 提供程序完全实现了所有方法,那么您也应该可以使用它.如果您创建自定义提供程序,则您必须实施某些部分才能使工作正常进行.
The one caveat is what your membership provider supports. The "out of the box" providers (Access and SQL Server) support security trimmings and declarative syntax for exclusions of sections of a page, etc. If the MySQL provider full implements all of the methods, you should be fine using it, as well. If you create a custom provider, there are certain parts YOU have to implement to get things to work.
简而言之,一旦您获取了一个membershipUser(对该人进行身份验证),您就可以访问该人是否在角色中.这是 .NET 中成员资格提供程序标准实现的一部分.只要您用于 MySQL 的提供程序涵盖了所有相同的方法,您就可以在谷歌上进行快速搜索并找到大量展示如何根据角色显示/隐藏位的网站.
The short story is once you grab a membershipUser (authenticate the person), you will have access to whether the person is in role or not. This is all part of the standard implementation of a membership provider in .NET. As long as the provider you are using for MySQL covers all of the same methods, you can do a quick google search and find tons of sites showing how to show/hide bits based on roles.
这篇关于会话 Roles.AddUsertoRole 中的 asp.net 存储角色(不是我要找的?)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
