[英]With regards to WindowsPrincipal, are groups considered roles?
While looking at ways to perform role based access control in a Winforms application, I came across some solutions using WindowsIdentity and WindowsPrincipal. 在研究在Winforms应用程序中执行基于角色的访问控制的方法时,我遇到了一些使用WindowsIdentity和WindowsPrincipal的解决方案。 It got me thinking about the differences between a group and a role, and there certainly are some answers (like this and this ), that seem to indicate that they are different (although the former does say that " ...Unfortunately, operating systems tend to blur the distinction, treating roles as groups.
") 这让我开始思考小组和角色之间的区别,并且肯定有一些答案(例如this和this )似乎表明它们是不同的(尽管前者确实说过“ ...Unfortunately, operating systems tend to blur the distinction, treating roles as groups.
”)
The WindowsPrincipal.IsInRole() method summmary states; WindowsPrincipal.IsInRole()方法的摘要状态;
"Determines whether the current principal belongs to the Windows user group with the specified name." “确定当前主体是否属于具有指定名称的Windows用户组。”
Does this then mean, that in this regard, Windows Groups are considered Roles? 那么,这是否表示就此而言,Windows组被视为角色?
There is some Windows Server documentation that talks about assigning Windows users or Groups to roles, but I'm not really familiar with that. 有一些Windows Server 文档讨论了将Windows用户或组分配给角色,但是我对此并不十分熟悉。 Can someone confirm that the roles discussed in that link are what is being referred to in the WindowsPrincipal documentation? 有人可以确认该链接中讨论的角色是WindowsPrincipal文档中所指的角色吗?
The ' Assign a Windows User or Group to a Role ' article is talking about the Windows Server Authorization Manager . “ 将Windows用户或组分配给角色 ”一文讨论的是Windows Server 授权管理器 。 The article says that you can add both users and groups to roles, so no, when it comes to Authorization Manager, roles are not the same as Windows groups. 本文说您可以将用户和组都添加到角色中,所以不可以,当涉及到Authorization Manager时,角色与Windows组是不同的。
In the case of WindowsPrincipal.IsInRole()
, the word "Role" is used simply because WindowsPrincipal
implements ClaimsPrincipal
, which implements IPrincipal
and therefore is required to implement the IsInRole()
method. 在WindowsPrincipal.IsInRole()
的情况下,仅由于WindowsPrincipal
实现ClaimsPrincipal
,而该角色实现IPrincipal
,因此需要使用IsInRole()
方法,因此仅使用单词“ Role”。 So in the context of WindowsPrincipal
, roles are the same as Windows groups. 因此,在WindowsPrincipal
的上下文中,角色与Windows组相同。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.