堆栈内存溢出
  简体   繁体   English

关于WindowsPrincipal,是否将组视为角色?

[英]With regards to WindowsPrincipal, are groups considered roles?

 原文  2017-12-28 21:37:58       active-directory/ rbac/ windows-principal

问题描述

While looking at ways to perform role based access control in a Winforms application, I came across some solutions using WindowsIdentity and WindowsPrincipal. 在研究在Winforms应用程序中执行基于角色的访问控制的方法时,我遇到了一些使用WindowsIdentity和WindowsPrincipal的解决方案。 It got me thinking about the differences between a group and a role, and there certainly are some answers (like this and this ), that seem to indicate that they are different (although the former does say that " ...Unfortunately, operating systems tend to blur the distinction, treating roles as groups. ") 这让我开始思考小组和角色之间的区别,并且肯定有一些答案(例如thisthis )似乎表明它们是不同的(尽管前者确实说过“ ...Unfortunately, operating systems tend to blur the distinction, treating roles as groups. ”)

The WindowsPrincipal.IsInRole() method summmary states; WindowsPrincipal.IsInRole()方法的摘要状态;

"Determines whether the current principal belongs to the Windows user group with the specified name." “确定当前主体是否属于具有指定名称的Windows用户组。”

Does this then mean, that in this regard, Windows Groups are considered Roles? 那么,这是否表示就此而言,Windows组被视为角色?

There is some Windows Server documentation that talks about assigning Windows users or Groups to roles, but I'm not really familiar with that. 有一些Windows Server 文档讨论了将Windows用户或组分配给角色,但是我对此并不十分熟悉。 Can someone confirm that the roles discussed in that link are what is being referred to in the WindowsPrincipal documentation? 有人可以确认该链接中讨论的角色是WindowsPrincipal文档中所指的角色吗?

1 个解决方案

解决方案1
 1 已采纳  2017-12-29 14:55:39

The ' Assign a Windows User or Group to a Role ' article is talking about the Windows Server Authorization Manager . 将Windows用户或组分配给角色 ”一文讨论的是Windows Server 授权管理器 The article says that you can add both users and groups to roles, so no, when it comes to Authorization Manager, roles are not the same as Windows groups. 本文说您可以将用户和组都添加到角色中,所以不可以,当涉及到Authorization Manager时,角色与Windows组是不同的。

In the case of WindowsPrincipal.IsInRole() , the word "Role" is used simply because WindowsPrincipal implements ClaimsPrincipal , which implements IPrincipal and therefore is required to implement the IsInRole() method. WindowsPrincipal.IsInRole()的情况下,仅由于WindowsPrincipal实现ClaimsPrincipal ,而该角色实现IPrincipal ,因此需要使用IsInRole()方法,因此仅使用单词“ Role”。 So in the context of WindowsPrincipal , roles are the same as Windows groups. 因此,在WindowsPrincipal的上下文中,角色与Windows组相同。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 WindowsPrincipal.IsInRole和通用与全局活动目录组 - WindowsPrincipal.IsInRole and universal vs. global active directory groups Azure Active Directory 组/角色 - Azure Active Directory Groups/Roles 来自继承的组和角色/过滤的memberOf值 - memberOf values from inherited groups and roles / filtering 使用Windows身份验证和活动目录组作为角色 - using windows authentication with active directory groups as roles ASP.NET将Windows身份验证与自定义应用程序组/角色结合使用 - ASP.NET Combining Windows Authentication with Custom Application Groups/Roles 用于访问令牌的 ADAL java 库不返回组和角色 - ADAL java library for access token not returning groups and roles Active Directory安全组和用户角色更改的时滞 - Time lag in changes to Active Directory security groups and User Roles 使用Active Directory组的.Net应用程序角色授权 - .Net Application Roles Authorization Using Active Directory Groups 从Active Directory获取用户角色/组 - mvc3 - Getting user roles/groups from Active Directory - mvc3 在Rails App中使用Active Directory / LDAP组获得权限\\角色的示例 - Examples using Active Directory/LDAP groups for permissions \ roles in Rails App
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM