Windows 身份验证并通过数据库添加授权角色 - MVC asp.net [英] Windows Authentication and add Authorization Roles through database - MVC asp.net

查看:18
本文介绍了Windows 身份验证并通过数据库添加授权角色 - MVC asp.net的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我是 mvc4 asp .net 的新手,对身份验证和授权感到困惑.我们是一个内部网站,它从 Windows 身份验证中获取用户名(HttpContext.Current.User.Identity.Name)并检查数据库是否存在用户名以及用户具有什么角色.我想使用全局 [Authorize] 属性和角色来授予对控制器的访问权限.任何人都可以帮助我如何开始.

现在,我有一个函数可以传递用户名并从数据库中获取用户数据和相关角色,查询数据被添加到模型中.所以,我正在使用这个函数来访问网站,但我想使用相同的数据检查所有控制器和视图,而无需一直查询 db.

解决方案

您只需要创建自定义角色提供程序.为此,您可以创建一个继承自 System.Web.Security.RoleProvider 的类并覆盖某些成员.下面的代码应该让你开始.用您的函数实现替换所有 throw new NotImplementedException() 内容.例如,IsUserInRole 您将提供查询数据库以查看用户是否处于指定角色的代码.

使用 System.Web.Security;命名空间 MyNamespace{公共类 MyRoleProvider : RoleProvider{public override void AddUsersToRoles(string[] usernames, string[] roleNames){抛出新的 NotImplementedException();}公共覆盖字符串 ApplicationName{得到;放;}public override void CreateRole(string roleName){抛出新的 NotImplementedException();}public override bool DeleteRole(string roleName, bool throwOnPopulatedRole){抛出新的 NotImplementedException();}public override string[] FindUsersInRole(string roleName, string usernameToMatch){抛出新的 NotImplementedException();}公共覆盖字符串[] GetAllRoles(){抛出新的 NotImplementedException();}公共覆盖字符串[] GetRolesForUser(字符串用户名){抛出新的 NotImplementedException();}公共覆盖字符串[] GetUsersInRole(string roleName){抛出新的 NotImplementedException();}public override bool IsUserInRole(string username, string roleName){抛出新的 NotImplementedException();}public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames){抛出新的 NotImplementedException();}公共覆盖 bool RoleExists(string roleName){抛出新的 NotImplementedException();}}}

您可能不需要全部实现.例如,如果您的应用程序不会创建或删除角色,则无需对 CreateRoleDeleteRole 执行任何操作.

您还需要向 ASP.NET 框架注册您的角色提供程序,以便它知道如何使用它.更新您的 web.config,如下所示.

<预><代码><配置><system.web><roleManager defaultProvider="MyRoleProvider" enabled="true"><提供者><添加名称="MyRoleProvider"type="MyNamespace.MyRoleProvider"applicationName="MyApplicationName"/></提供者></roleManager></system.web></配置>

I am new to mvc4 asp .net and confused with the authentication and authorization. Our's is an internal website that takes username(HttpContext.Current.User.Identity.Name) from windows authentication and check against database if the username exists and what roles the user has. I want to use the global [Authorize] attribute and roles, to give access to controllers. Can anyone help me on how to start with.

For now, I have a function that passes username and get the user data and related roles from database, the query data is added to the model.So, I am using this function to give access to the website but I want to use the same data to check against all controllers and views without querying against db all the time.

解决方案

You just need to create a custom role provider. You do this by creating a class that inherits from System.Web.Security.RoleProvider and overriding certain members. The below code should get you started. Replace all the throw new NotImplementedException() stuff with your implementation of the function. For example, IsUserInRole you would provide code that would query your database to see if the user is in the specified role.

using System.Web.Security;

namespace MyNamespace
{        
    public class MyRoleProvider : RoleProvider
    {
        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            throw new NotImplementedException();
        }

        public override string ApplicationName
        {
           get; set;
        }

        public override void CreateRole(string roleName)
        {
            throw new NotImplementedException();
        }

        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
        {
            throw new NotImplementedException();
        }

        public override string[] FindUsersInRole(string roleName, string usernameToMatch)
        {
            throw new NotImplementedException();
        }

        public override string[] GetAllRoles()
        {
            throw new NotImplementedException();
        }

        public override string[] GetRolesForUser(string username)
        {
            throw new NotImplementedException();
        }

        public override string[] GetUsersInRole(string roleName)
        {
            throw new NotImplementedException();
        }

        public override bool IsUserInRole(string username, string roleName)
        {
            throw new NotImplementedException();
        }

        public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
        {
            throw new NotImplementedException();
        }

        public override bool RoleExists(string roleName)
        {
            throw new NotImplementedException();
        }
    }
}

You may not need to implement all of it. For example, if your application won't be creating or deleting Roles, then no need to do anything with CreateRole or DeleteRole.

You also need to register your role provider with ASP.NET framework so it knows to make use of it. Update your web.config like below.

<configuration>
    <system.web>
        <roleManager defaultProvider="MyRoleProvider" enabled="true">
            <providers>
                <add
                    name="MyRoleProvider"
                    type="MyNamespace.MyRoleProvider"           
                    applicationName="MyApplicationName" />
            </providers>
        </roleManager>
    </system.web>
</configuration>

这篇关于Windows 身份验证并通过数据库添加授权角色 - MVC asp.net的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆