ASP.NET MVC 中的用户身份验证和授权 [英] User authentication and authorisation in ASP.NET MVC
问题描述
ASP.NET MVC 中用户授权/身份验证的最佳方法是什么?
What is the best method for user authorisation/authentication in ASP.NET MVC?
我认为实际上有两种方法:
I see there are really two approaches:
- 使用内置的 ASP.NET 授权系统.
- 使用带有我自己的用户、权限、用户组表等的自定义系统.
我更喜欢第二个选项,因为 User 是我的域模型的一部分(并且我对 ASP.NET 的内置内容零 经验),但我真的很想听到人们在这个领域一直在做什么.
I'd prefer the second option, because User is part of my domain model (and I have zero experience with ASP.NET's built-in stuff), but I'd really like to hear what people have been doing in this area.
推荐答案
实际上还有第三种方法.asp.net 成员资格功能基于提供者模型.您可以编写自定义提供程序,从而能够为数据的存储方式提供您自己的实现,同时保留 asp.net 会员资格的大部分好处.
There is actually a third approach. The asp.net membership functionality is based on the provider model. You can write a custom provider, thus being able to provide your own implementation for how the data is stored, but retaining much of the benefit of asp.net membership.
关于这个主题的一些文章:
Some articles on the subject:
http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx
http://www.asp.net/learn/videos/video-189.aspx
http://www.15seconds.com/issue/050216.htm
这篇关于ASP.NET MVC 中的用户身份验证和授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!