查找授权框架要在一个ASP.NET MVC项目中使用 [英] Finding authorization framework to be used on a ASP.NET MVC project
问题描述
我有一个asp.net MVC项目和执着是由库处理。窗体身份验证使用。现在我需要实现授权。例如,我需要确保管理者用户只能打开他/她的taskes并指派工作人员到taskes。一名工人将只能看到已分配给他/她taskes。阿超主持人可以编辑一切。
有没有准备好使用框架,让我来定义的权限?
I have a asp.net mvc project and persistent is handled by repositories . Form authentication is used. Now I need implement authorization . For example , I need to ensure a manager user can only open his/her taskes and assign workers to the taskes. A worker will only see taskes that have been assigned to him/her. A super-moderator can edit everything. Is there any ready to use framework that allow me to define permissions ?
我在评估Ayende犀牛安全的过程。我在哪里可以得到更多的例子codeS?你对犀牛安全的看法?结果
我的项目中使用LINQ to SQL和尚未利用的NHibernate的。可以犀牛安全工作没有NHibernate的?
I am in the process of evaluating Ayende Rhino Security . Where can I get more examples codes ? What is your opinion on Rhino Security ?
My project use Linq to SQL and has not made use of NHibernate. Can Rhino Security works without NHibernate ?
推荐答案
我很害怕,犀牛的安全性取决于NHibernate的工作。结果
我一直在评估安全犀牛了几个月的,并在最后,我决定的原因,而是一个真的真的好产品来使用它。结果
您可以在Ayende的博客找好一个有用的信息或的此处。
我踉踉跄跄地已经有点将其与StructureMap(而不是温莎城堡)集成。你可以找到一些信息<一个href=\"http://stackoverflow.com/questions/4258047/rhino-security-and-ientityinformationextractor\">here.
要做到你想实现你必须定义一个实现IEntityInformationExtractor接口的类的东西。
I am afraid, Rhino Security depends on Nhibernate to work.
I have been evaluating Rhino Security for a couple of months and, at the end, I've decided to use it cause it's a really really good product.
You can find good an useful informations on Ayende's blog or here.
I have straggled a bit to integrate it with StructureMap (instead of Castle Windsor). You can find some info here.
To do what you're trying to achieve you have to define a class which implements the IEntityInformationExtractor interface.
所有你需要添加下列引用(我已经重新编译犀牛安全与NH 3.0),以首先:
First of all you have to add the following references (I've recompiled Rhino Security with NH 3.0) to:
- Microsoft.Practices.ServiceLocation
- NHibernate的
- NHibernate.Byte code.Castle
- StructureMap
- Rhino.Security
- StructureMapAdapter
- Microsoft.Practices.ServiceLocation
- NHibernate
- NHibernate.ByteCode.Castle
- StructureMap
- Rhino.Security
- StructureMapAdapter
然后定义一个引导程序:
Then you define a bootstrapper:
public static class Bootstrapper
{
public static void Initialize()
{
ObjectFactory.Initialize(cfg =>
{
cfg.UseDefaultStructureMapConfigFile = false;
cfg.IgnoreStructureMapConfig = true;
cfg.AddRegistry<StructureMapRegistry>();
});
ServiceLocator.SetLocatorProvider(() => new StructureMapServiceLocator(ObjectFactory.Container));
}
}
然后定义StructureMap注册表类:
Then you define the StructureMap registry class:
public class StructureMapRegistry : Registry
{
public StructureMapRegistry()
{
string ConnDb = "Data Source=(local); Initial Catalog=RhinoSecurity_Test; Trusted_Connection=true;";
For<ISessionFactory>()
.Singleton()
.TheDefault.Is.ConstructedBy(() => new NHSessionFactory(ConnDb, false).SessionFactory);
For<ISession>()
.Singleton()
.TheDefault.Is.ConstructedBy(x => x.GetInstance<ISessionFactory>().OpenSession());
For<IAuthorizationRepository>()
.Use<AuthorizationRepository>();
For<IPermissionsService>()
.Use<PermissionsService>();
For<IAuthorizationService>()
.Use<AuthorizationService>();
For<IPermissionsBuilderService>()
.Use<PermissionsBuilderService>();
For<IEntityInformationExtractor<Model.Task>>()
.Use(p =>
{
return (new TaskInfromationExtractor(p.GetInstance<ISession>()));
});
}
}
NHSessionFactory 基本上创建一个会话新罕布什尔州的工厂。
NHSessionFactory basically create a a NH session factory.
我已经创建了一个类( TaskInfromationExtractor ),它实现IEntityInformationExtractor。这将允许您定义任务实体的权限。
现在,您的应用程序已准备就绪。你只需要引导structuremap:
I've create a class (TaskInfromationExtractor) which implements IEntityInformationExtractor. This will allow you to define permissions for the task entity. Now your app is ready. You just have to "bootstrap" structuremap:
- Bootstrapper.Initialize();
当你的应用程序启动时你会做到这一点。
现在你可以使用犀牛的安全存储库和服务,创造用户,组,关系等等等等的环节,我给你的建议。
你可以找到一个示例中,我已经prepared 这里
You would do this when your app starts up. Now you can use Rhino security repository and services to create users, groups, relations etc etc. as the links I've give you suggest. You can find a sample I've prepared here
这篇关于查找授权框架要在一个ASP.NET MVC项目中使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
