保护 Winform 页面的最佳方法? [英] Best way to secure a Winform page ?

问题描述

在 Web 应用程序中，我们定义角色、表单身份验证等以确保安全，但保护 Winform 的最佳方法是什么?

In a Web application we define roles, forms authentication etc. for security, but what should be the best way to secure a Winform ?

实际上我正在制作桌面应用程序，在成功登录后我隐藏登录页面并像这样显示 DisplayForm ;

Actually I am making desktop application in which I hide login page after successful login and show DisplayForm like this ;

//On successful login
this.Hide()
Form newForm = new DisplayForm();
newForm.Show();

但我不知道这样做是否正确?我希望用户只有在成功登录后才能看到这个 DisplayForm.

But I don't know if it's the right way or not? I want the user to be able to see this DisplayForm only after successful login.

有什么指导吗?

推荐答案

根据 Mike 的回答，这是我使用的实现(根据 OP 的要求):

To follow on from Mike's answer this is the implementation I used (as requested by the OP):

在函数定义中添加以下内容:

Add the following to the function definition:

[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "<Your role>")]
public void YourFunction()
{
    .. do something
}

其中 是您要限制访问的 AD 角色.

Where <Your Role> is the AD role you want to restrict access to.

然后像这样包装你的函数调用:

Then wrap your function call like this:

        try
        {
            YourFunction();
        }
        catch (System.Security.SecurityException)
        {
            MessageBox.Show("You do not have permission to perform this action.", "Access Error", MessageBoxButtons.OK, MessageBoxIcon.Stop);
        }
        ...

这篇关于保护 Winform 页面的最佳方法?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！