使用Identity 2.0的Web froms中基于角色的安全授权
[英]Role-based Security Authorization in web froms using Identity 2.0
问题描述
I've seen not hundred but THOUSANDS of example where from scratch to complete examples with MVC identity 2.0 are done but not a single one with bloody web forms and the one which are present are not even worth while just very basic. 
我没有看到数百个示例,但从头到尾都完成了具有MVC身份2.0的完整示例,但是没有一个带有血腥的Web表单的示例,并且存在的一个示例即使非常基础也并不值得。 I'm working on an application where I've three roles, user,admin,superUser and all these are in AspNetRoles table because I'm using identity 2.0. 我正在开发一个具有三个角色(用户,管理员,超级用户)的应用程序,所有这些角色都在AspNetRoles表中,因为我正在使用身份2.0。 now when I create a user I also assign that user one of these roles too. 现在,当我创建一个用户时,我也为该用户分配了这些角色之一。 before this role and stuff I've worked on customize roles system as we use to do on desktop applications. 在担任此角色和工作之前,我曾从事过用于桌面应用程序的自定义角色系统的工作。 so here I tried all the links and articles written on CodeProject about form authentication and all that what we can do in web.config but nothing was helpful Please take a look at this screen shot http://prntscr.com/6ca09i you might get a little idea what I mean by that. 所以在这里,我尝试了所有在CodeProject上写的有关表单身份验证的链接和文章,以及我们可以在web.config中执行的所有操作,但没有任何帮助。请看一下此屏幕快照http://prntscr.com/6ca09i,您可能会得到有点主意,我的意思是。 My C# code on register is 我在注册时的C#代码是
protected void btnSubmit_Click(object sender, EventArgs e)
{
//owin entity
var userStore = new UserStore<IdentityUser>();
userStore.Context.Database.Connection.ConnectionString =
System.Configuration.ConfigurationManager
.ConnectionStrings["GCR"].ConnectionString;
var manager = new UserManager<IdentityUser>(userStore);
//string userInfor;// = new UserInformation();
// check if the url contains an id perameter
if (!String.IsNullOrWhiteSpace(Request.QueryString["id"]))
{
var id = Convert.ToInt32(Request.QueryString["id"]);
var userInfo = new UserInformation
{
Email = txtEmail.Text,
FirstName = txtFirstName.Text,
LastName = txtLastName.Text,
AddressLine1 = txtAddressLine1.Text,
AddressLine2 = txtAddressLine2.Text,
City = txtCity.Text,
State = ddlState.SelectedValue,
ZipCode = Convert.ToInt32(txtZip.Text),
PhoneNumber = txtPhone.Text,
RoleId = Convert.ToInt32(ddlRole.SelectedValue)
and here is my registration page where I am assigning the roles which are not actually getting assigned http://prntscr.com/6ca1xi 这是我的注册页面,我在其中分配实际上没有得到分配的角色http://prntscr.com/6ca1xi
Now please tell me how can I create role based app where in a single folder we have different files which User with different role can get access Please I'd already wasted my two days on Identity I have no wich to waste more time on it 现在,请告诉我如何创建基于角色的应用程序,其中在一个文件夹中我们拥有不同文件,具有不同角色的用户可以访问该文件。我已经在Identity上浪费了两天,我也不想浪费更多时间
2 个解决方案
解决方案1
1 2015-03-04 18:04:54
I got the roles from aspnetroles table and this is how I got those 我从aspnetroles表中获得了角色,这就是我获得这些角色的方式
var context = new ApplicationDbContext();
var roleStore = new RoleStore<IdentityRole>(context);
var roleMgr = new RoleManager<IdentityRole>(roleStore);
if (User.IsInRole("admin"))
{
//come here
}
解决方案2
1 已采纳 2015-03-10 05:21:11
This is how you are going to properly deal with this 这就是您要如何正确处理此问题的方法
var userInfo = new UserInformation
{
Email = txtEmail.Text,
FirstName = txtFirstName.Text,
LastName = txtLastName.Text,
AddressLine1 = txtAddressLine1.Text,
AddressLine2 = txtAddressLine2.Text,
City = txtCity.Text,
State = ddlState.SelectedValue,
ZipCode = Convert.ToInt32(txtZip.Text),
PhoneNumber = txtPhone.Text,
RoleId = ddlRole.SelectedValue
Fist your role should be some text value because it does not take role as id after saving this object or model above `db.saveChanges(); 首先,您的角色应该是一些文本值,因为在`db.saveChanges();中保存该对象或模型后,它不会将角色用作id。 you in the end are going to add this role to aspnetroles table and how you are going to do that is very simple just a single line 您最终将把这个角色添加到aspnetroles表中,而如何做这很简单,只需一行
// add role to the user which is created right now
manager.AddToRole(userInfo.GUID, ddlRole.Text.Trim());
The first argument is the id of the user and the second one is the dropdown in which you are selecting the user roles and you can also do that role exist stuff in it. 第一个参数是用户的ID,第二个参数是下拉菜单,您可以在其中选择用户角色,也可以使该角色存在于其中。 now how you are going to check this one page load is very simple and its just like this 现在,您要如何检查这一页加载非常简单,就像这样
#region page load
if (!IsPostBack)
{
if (User.IsInRole("admin") || User.IsInRole("superuser"))
{
}
else
{
string unAuthorizedRedirect = WebConfigurationManager.AppSettings["UnAuthorizedRedirect"];
Response.Redirect("~/" + unAuthorizedRedirect);
}
}
#endregion
I hope this helps you completely 希望这对您有所帮助
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.