如何在ASP.NET MVC应用程序中使用Authorize属性?
[英]how i can use Authorize attribute in ASP.NET MVC application?
问题描述
i have a MVC application who have their own authenticate system. 
我有一个拥有自己的身份验证系统的MVC应用程序。 he used their own system and check the user by cookie parsing everytime. 他使用了自己的系统,并每次通过cookie解析来检查用户。
how i can put the attribute Authorize on the action wherever i have information about the current user. 无论我有关于当前用户的信息如何,如何将属性“授权”放在操作上。
the user type is a enum who have a part of struct user {} 用户类型是具有结构用户{}的一部分的枚举
can anyone show me how i can use authorize attribute in my application. 谁能告诉我如何在应用程序中使用authorize属性。
1 个解决方案
解决方案1
3 已采纳 2011-04-11 14:44:59
You can use the AuthroizeAttribute either on the Controller level: 您可以在控制器级别使用AuthroizeAttribute :
[Authorize]
public class HomeController : Controller
{
// Now all actions require authorization
}
or Action level: 或操作级别:
public class HomeController : Controller
{
public ActionResult Index()
{
// Does not require authorization
}
[Authorize]
public ActionResult PrivateThing()
{
// requires authorization
}
}
You can pass usernames, roles, etc to the AuthorizeAttribute constructor as well for finer grained authorization. 您还可以将用户名,角色等传递给AuthorizeAttribute构造函数,以实现更精细的授权。
If, however, the default AuthroizeAttribute doesn't work for you you can always roll your own by inheriting from AuthorizeAttribute : 但是,如果默认的AuthroizeAttribute对您不起作用,则可以始终通过继承AuthorizeAttribute来滚动自己的AuthroizeAttribute :
public CustomAuthorizeAttribute : AuthorizeAttribute
{
public override void OnAuthorization(AuthorizationContext filterContext)
{
base.OnAuthorization(filterContext);
// Auhtorization logic here
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.