
How do I create a security policy by profile using Asp.Net MVC?

I'm creating a system using Asp.Net MVC, but before I start to develop I need to define the security policy. I thought to create it by profile, where each profile will have permissions to access, for example: Profile Administrative (all permissions), Profile Common (restricted access), Profile Manager (with some permissions of profile Administrative).

I thought to create a Profile with permissions by method name or controller and give the permissions as boolean true/false. For example, for the method addNewProduct(), if this method should only work for the Administrative/Manager profiles, I will give permissions only to them. However, I don't know how I could get the controller or method name to give these permissions.

Example:

Profiles

Administrative      |   Common             |   Manager
[x]addNewProduct    |   []addNewProduct    |   [x]addNewProduct

How could I do this? Any suggestions?

What you are looking for is not profiles but roles, and the technique is called Role-Based Authorization.

In ASP.NET MVC, you can use it like this:

[Authorize] //ensure a user is signed-in
public class MyController : Controller
{
    [Authorize(Roles = "Administrative,Manager")] // ensure the user is signed in and belongs in one of the roles
    public ActionResult DoSomething()
    {
        return View();
    }
}

Here, if, for example, Windows Authentication was enabled, the Authorize attribute would look for the user's Groups in Active Directory to confirm whether the user belongs to one of those groups or not.
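
The permission table from the question can be enforced with the same role mechanism by reading the controller and action names from the filter context. This is an added example, not part of the original answer; it assumes classic ASP.NET MVC (System.Web.Mvc), and PermissionAuthorizeAttribute, ProductController and the role table are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

// Hypothetical attribute (not part of ASP.NET MVC): looks up the current
// "Controller.Action" in a permission table instead of hard-coding role names.
public class PermissionAuthorizeAttribute : AuthorizeAttribute
{
    private const string ItemsKey = "PermissionAuthorize.ActionKey";

    // Constructed sample matrix mirroring the table in the question.
    // A real system would load this from a database or configuration.
    private static readonly Dictionary<string, string[]> AllowedRoles =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        {
            { "Product.addNewProduct", new[] { "Administrative", "Manager" } }
        };

    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        // The action descriptor carries the controller and action names.
        var action = filterContext.ActionDescriptor;
        filterContext.HttpContext.Items[ItemsKey] =
            action.ControllerDescriptor.ControllerName + "." + action.ActionName;
        base.OnAuthorization(filterContext); // calls AuthorizeCore below
    }

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (!base.AuthorizeCore(httpContext)) return false; // not signed in
        var key = httpContext.Items[ItemsKey] as string;
        string[] roles;
        // Deny by default: an action missing from the table is not reachable.
        if (key == null || !AllowedRoles.TryGetValue(key, out roles)) return false;
        return roles.Any(r => httpContext.User.IsInRole(r));
    }
}

// Hypothetical controller using the attribute on the question's method.
public class ProductController : Controller
{
    [PermissionAuthorize]
    public ActionResult addNewProduct() { return View(); }
}
```

A signed-in user without a matching role gets the attribute's default 401 result; override HandleUnauthorizedRequest to return 403 for that case.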
