与服务层自定义验证? [英] Custom authentication with service layer?
问题描述
我有3层的应用程序,首先数据层,第二届businesslayer,三是asp.net mvc的网站。而我尝试添加以恰当的方式窗体身份验证。
I have an app with 3 "layers", first "datalayer", 2nd "businesslayer" and 3rd is the asp.net mvc site. And I'm trying to add forms authentication in the proper way.
我应该以某种方式将其配置为使用业务层?这得/添加/更新用户是验证的一部分呢?
Should I somehow configure it to use the business layer? That gets/adds/updates user that is a part of the authentication to be?
和其中的项目应在我添加的用户验证?
And in which project shall I add the user validation at?
/ M
推荐答案
认证是应该总是发生在应用程序界面,因为使用相同的域模型不同的应用可能有不同的认证需求。如果你决定要暴露你的域模型的,说,Web服务,窗体身份验证是不是可能是最好的验证机制。
Authentication is something that should always happen at the application boundary, because different applications using the same Domain Model may have different authentication needs. If you ever decide to expose your Domain Model as, say, a web service, Forms Authentication is not likely to be the best authentication mechanism.
在ASP.NET MVC您可以轻松地使用从Visual Studio中的默认项目模板实现用户名/密码认证,但是一旦用户通过验证,你应该设置<一个href=\"http://msdn.microsoft.com/en-us/library/system.threading.thread.currentprincipal.aspx\">Thread.CurrentPrincipal.
In ASP.NET MVC you can easily implement UserName/Password authentication using the default project template from Visual Studio, but once the user is authenticated, you should set Thread.CurrentPrincipal.
在一般情况下,<一href=\"http://msdn.microsoft.com/en-us/library/system.security.principal.iprincipal.aspx\">IPrincipal是在.NET中模拟用户环境的标准依据。例如, HttpContext.User中是一个IPrincipal。
In general, IPrincipal is the standard basis for modeling user context in .NET. For example, HttpContext.User is an IPrincipal.
在你的域模型和数据访问模块,可以使用Thread.CurrentPrincipal中实现授权逻辑。这使您可以独立地改变对方的身份验证和授权。
In your Domain Model and Data Access modules, you can use Thread.CurrentPrincipal to implement Authorization logic. This allows you to vary Authentication and Authorization independently of each other.
如果您需要在您的域模型更丰富的用户概念的工作,你可以有你的 User类实现的IPrincipal 。
If you need to work with a richer User concept in your Domain Model, you can have your User class implement IPrincipal.
这篇关于与服务层自定义验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
