ASP.NET MVC授权 [英] ASP.NET MVC Authorization

问题描述

我如何与MVC asp.net实现授权？

How do I achieve authorization with MVC asp.net?

推荐答案

使用的授权属性。

[Authorize]
public ActionResult MyAction()
{
   //stuff
}

您也可以在控制器上使用。可以通过在用户或角色了。

You can also use this on the controller. Can pass in users or roles too.

如果你想用多一点控制的东西，你可以尝试像<一个href=\"http://schotime.net/blog/index.php/2009/02/17/custom-authorization-with-aspnet-mvc/\">this.

If you want something with a little more control, you could try something like this.

 public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            string[] users = Users.Split(',');

            if (!httpContext.User.Identity.IsAuthenticated)
                return false;

            if (users.Length > 0 &&
                !users.Contains(httpContext.User.Identity.Name,
                    StringComparer.OrdinalIgnoreCase))
                return false;

            return true;
        }
    }

这篇关于ASP.NET MVC授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！