动态允许角色到一个页面或文件夹 [英] dynamically allow roles to a page or folder

问题描述

我使用asp.net web表单。我用一个web.config定义什么角色可以访问网页和文件夹。像这样

I am using asp.net webforms. I use a web.config to define what roles can access pages and folders. like this

   <system.web>
     <authorization>
       <allow roles="Admin" />
       <deny users="*" />
     </authorization>
   </system.web>

我怎么能做到这一点动态？所以，无需部署，我可以添加一个角色，像开发者

how can I do this dynamically? so without deploying I could add a role, like 'Developer'

有没有一种方法，我可以从数据库中读取这些？
谢谢

Is there a way I could read these from a database? thanks

推荐答案

不知道到底是什么你问这里...

Not sure what exactly are you asking here...

你所看见的授权被称为 URL授权，并在建造ASP.NET模块提供。此实现使用相关联的上下文的IPrincipal （ HttpContext.User中）来查看认证用户配置的角色的成员。所以，如果你想拥有自己的任意角色（而不是Windows角色），您可以提供自己的的IPrincipal 的实施，将检索分配的角色从数据当前用户-base（或您要使用的任何其他来源）。然而，授权信息仍会保留在配置文件中

The authorization sighted by you is known as URL Authorization and provided by in-build ASP.NET module. This implementation uses the context associated IPrincipal (HttpContext.User) to see the authenticated user is member of configured role. So if you want to have your own arbitrary roles (instead of windows roles), you can provide your own IPrincipal implementation that would retrieve the assigned roles for the current user from the data-base (or any other source that you want to use). However, the authorization information will still remain in the configuration file.

在情况下，你要移动的授权信息（谁可以访问什么），那么你可以实现自己的授权模块。该模块可以从数据库中读取这些信息，并执行访问安全你想要的方式。

In case, you want to move the authorization information (who can access what) then you can implement your own authorization module. The module can read this information from the database and enforce the access security the way you wanted.

这篇关于动态允许角色到一个页面或文件夹的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！