什么是最低ASP.NET提供者实现我需要获得用户身份验证和授权? [英] What is the minimum ASP.NET provider implementation I need to get a user authenticated and authorized?
问题描述
在默认情况下ASP.NET MVC设置了的AccountController使用SqlMembershipProvider的,的SqlProfileProvider和SqlRoleProvider。我并不真的需要给表带来的一切,其实,它更是一个麻烦,我的数据捏成该模型。
By default ASP.NET MVC setups up the AccountController to use the SqlMembershipProvider, SqlProfileProvider and the SqlRoleProvider. I don't really need everything that brings to the table, in fact, it is more of a hassle to shape my data into that model.
我需要实现上的MembershipProvider,RoleProvider和ProfileProvider抽象类来获得身份验证和授权,而不是打破一些其他的依赖,可能是那里的最小值是?
What is the minimum I need to implement on the MembershipProvider, RoleProvider and ProfileProvider abstract classes to get authentication and authorization and not break some other dependency that might be there?
例如,在ProfileProvider它要我重写FindInactiveProfilesByUserName的方法,但我真的不关心这个功能。哪里是我的应用程序将打破NotImplementedException触发时?
For instance, on the ProfileProvider it wants me to override the "FindInactiveProfilesByUserName" method, but I don't really care about this feature. Where is my app going to break when the NotImplementedException fires?
此外,上的MembershipProvider比如,我不需要FindUsersByEmail方法。如果我不执行,将ASP.NET MVC呛在某些时候?如果是这样,在哪里?
Additionally, on the MembershipProvider for instance, I don't need the FindUsersByEmail method. If I don't implement it will ASP.NET MVC choke at some point? If so, where?
推荐答案
据我所知,ASP.NET MVC并没有真正做任何事情,你就验证。考虑到这一点,作为@chrispr说,你应该只需要执行的ValidateUser
,并通过ASP.NET MVC项目模板创建的项目唯一的身份验证过程中调用这个方法。
As far as I know, ASP.NET MVC doesn't really do anything for you with regard to authentication. With that in mind, as @chrispr says, you should only need to implement ValidateUser
, and the project created by the ASP.NET MVC project template only calls that method during authentication.
关于授权,我参加了反射看看 AuthorizationAttribute
,发现它调用 IPrincipal.IsInRole
。综观 System.Web.Security.RolePrincipal
在反射器, IsInRole
要求 GetRolesForUser
,所以你可以尝试只实现该方法的开始。
Regarding authorization, I took a look at AuthorizationAttribute
in Reflector and found that it calls IPrincipal.IsInRole
. Looking at System.Web.Security.RolePrincipal
in Reflector, IsInRole
calls GetRolesForUser
, so you could try implementing only that method to start with.
我实现类似的原因自定义提供(我不喜欢SQL供应商使用的模式),但我选择不实现自定义配置文件提供程序,因为它似乎依靠配置文件属性的配置设置,我没不想去的路线(见 ASP.NET配置文件属性概述 )。
I implemented custom providers for similar reasons (I don't like the schema the sql providers use), but I chose not to implement a custom profile provider since it seems to rely on configuration settings for the profile properties, and I didn't want to go that route (see ASP.NET Profile Properties Overview).
作为一个方面说明,我发现,在看的SqlMembershipProvider
和 SqlRoleProvider
在反射器是有益的,当我实现我自己的供应商,所以你可能想要做的是一样的。
As a side note, I found that looking at the SqlMembershipProvider
and SqlRoleProvider
in Reflector was helpful when I implemented my own providers, so you might want to do the same.
这篇关于什么是最低ASP.NET提供者实现我需要获得用户身份验证和授权?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!