ASP.NET MVC-目录的用户访问
[英]ASP.NET MVC - User access for directory
问题描述
How can I add limited access to only 1 specific user has access to 1 specific directory and none else can access it than him? 
如何仅向1个特定用户添加受限访问权限,而1个特定用户只能访问1个特定目录,而没有其他人可以访问该目录? I've looked at the web.config thing but that wont work. 我已经看过web.config了,但是那行不通。
So basically what I'm trying to is: 所以基本上我想做的是:
Person creates user => new user => new directory (access ONLY for the new user and none else). 人员创建用户=>新用户=>新目录(仅新用户可以访问,其他用户不能访问)。
Thanks in advance. 提前致谢。
1 个解决方案
解决方案1
1 已采纳 2010-12-05 00:36:51
The application I am currently working on uses the Authorize decoration in conjunction with the membership and role providers (both custom) to manage access to pages within my MVC site eg 我当前正在使用的应用程序将Authorize装饰与成员资格和角色提供者(均为自定义)一起使用,以管理对我的MVC站点内页面的访问。
[Authorize(Users="MyUsername")]
public ActionResult Banking()
{
return View();
}
[Authorize(Roles="SysAdmin, BusinessOwner")]
public ActionResult Banking()
{
return View();
}
I find this is extremely flexible as you can have public (no decoration) any logged in user [Authorize] or roles & users. 我发现这非常灵活,因为您可以公开(无装饰)任何登录用户[Authorize]或角色和用户。 Personally I would never build an app that authorized on Users - Roles is a much more extensible option (even if it does only contain one user at the moment) there are two main reasons I wouldn't do this - Users becomes unwieldy in a big app and secondly adding a user to the decoration requires a recompile/redeploy of the app whereas associating a user to a role in most situation is typically a database association that the app's business logic handles at runtime. 就我个人而言,我永远不会构建经用户授权的应用程序-角色是一个更具扩展性的选项(即使目前仅包含一个用户),我不这样做的主要原因有两个-大型用户变得笨拙应用程序,然后将用户添加到装饰中,需要重新编译/重新部署应用程序,而在大多数情况下将用户与角色相关联通常是应用程序的业务逻辑在运行时处理的数据库关联。
In your web.config you set up something similar to this to use the custom providers: 在您的web.config中,您可以设置类似的内容来使用自定义提供程序:
<system.web>
<membership defaultProvider="MyMembership" userIsOnlineTimeWindow="30">
<providers>
<clear/>
<add name="MyMembership" type="MyDAL.MyMembership, MyDAL"/>
</providers>
</membership>
<roleManager defaultProvider="MyRole" enabled="true" cacheRolesInCookie="true">
<providers>
<clear/>
<add name="MyRole" type="MyDAL.MyRole, MyDAL" />
</providers>
</roleManager>
Then you create classes that inherit the providers: 然后,您创建继承提供程序的类:
using System.Web.Security;
namespace MyDAL
{
class MyMembership : MembershipProvider//[ctrl + .] to create stubs
{
//Use Visual Studio to generate all the MembershipProvider stubs [ctrl + .]
}
}
You will end up with a bunch of methods with throw new NotImplementedException() - there are heaps of these but it is not necessary to fill them all out - just complete the ones that are relevant to your application and leave the rest as is. 您将最终得到一堆抛出新的NotImplementedException()的方法-有很多方法,但不必全部填充-只需完成与您的应用程序相关的方法,其余方法保持不变即可。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.