我想实现我的ASP.NET应用程序MVC2 Windows身份验证。我随后正式文件提出的所有步骤:
I am trying to implement windows authentication in my ASP.NET MVC2 application. I've followed all the steps suggested by the official documentation:
<authentication mode="Windows" /> <authorization> <deny users="?" /> </authorization>我指定NTLM身份验证。到现在为止还挺好。一切工作正常。我想检查用户登录的对我的数据库。我想从我的表中提取角色,然后使用管理自定义属性的授权。结果我不想使用成员资格和角色提供者。因为他们已经习惯了互联网应用程序(这是内联网应用)I'already有我的表用户/角色到位。
I've specified NTLM Authentication. So far so good. Everything works fine. I would like to check the users logged-in against my database. I would like to fetch roles from my table and then manage the authorization using a custom attribute. I don't want to use membership and roles provider. I'already have my tables Users/Roles in place cause they've been used for an Internet App (this is the Intranet App).
在我的互联网应用我不得不在用户输入的数据的形式。该表格发布到一个控制器,检查一切,与登录用户的用户(和角色)创建的cookie。
In my Internet App I had a form where the user inputs the data. The form is posted to a controller which checks everything and creates a cookie with the user (and roles) of the logged-in user.
在我的Global.asax我已经被困的AuthenticateRequest事件,我读取cookie和创造,我用遍应用程序来检查的授权自定义主体。
In my global.asax I've trapped the AuthenticateRequest event where I read the cookie and create a custom principal which I use all over the app to check the authorizations.
如何能做到使用Windows身份验证实现这个?
How can I do implement this with Windows Authentication?
推荐答案只需创建一个新的主体,并将其分配给在Global.asax中用户线(或使用动作过滤器)。
Just create a new principal and assign it to the user and thread in Global.asax (or use an action filter).
protected void Application_AuthenticateRequest(object sender, EventArgs args) { if(HttpContext.Current != null) { String [] roles = GetRolesFromSomeDataTable(HttpContext.Current.User.Identity.Name); GenericPrincipal principal = new GenericPrincipal(HttpContext.Current.User.Identity, roles); Thread.CurrentPrincipal = HttpContext.Current.User = principal; } }如果一个用户没有任何匹配的角色,它们可以从应用程序使用的web.config authoirzation元素禁止:
If a user doesn't have any role that matches, they can be barred from the app using the web.config authoirzation element:
<authorization> <allow roles="blah,whatever"/> <deny users="*"/> </authorization>更多推荐
ASP.NET MVC和Windows身份验证与自定义角色
发布评论