Q1 - I’m not sure I understand why we should prefer to use PrincipalPermission.Union() ( or PrincipalPermission.Intersect() ) instead of IsInRole()? If anything, calling IsInRole() several times requires less code than creating multiple PrincipalPermission objects and merging them into one via Union() ( or Intersect() )?
Q1 - 我不确定我理解为什么我们应该更喜欢使用PrincipalPermission.Union()(或PrincipalPermission.Intersect())而不是IsInRole()?如果有的话,多次调用IsInRole()需要的代码少于创建多个PrincipalPermission对象并通过Union()(或Intersect())将它们合并为一个对象?
Q2 - One constructor overload of PrincipalPermission object also specifies a IsAuthenticated flag that tells Demand() to verify if user is authenticated. Wouldn’t using that flag only be useful in situations where first two parameters ( name and role ) are both null?
Q2 - PrincipalPermission对象的一个构造函数重载还指定了一个IsAuthenticated标志,该标志告诉Demand()验证用户是否经过身份验证。不使用该标志仅在前两个参数(名称和角色)都为空的情况下才有用吗?
thanx
1 个解决方案
#1
Q1. - RE: PrincipalPermission methods vs. IPrincipal.IsInRole(..)
Q1。 - RE:PrincipalPermission方法与IPrincipal.IsInRole(..)
The two function calls make a PrincipalPermission that has the union or intersection of the roles you give it. Thus you end up with a principal that has a very specific set of demands, which you can then call IsInRole() upon. Note that doing this will hit your role provider which may be an SQL server or the active directory and thus have latency involved, so you don't want to do it all the time.
这两个函数调用使PrincipalPermission具有您为其提供的角色的并集或交集。因此,您最终会得到一个具有非常特定需求的主体,然后您可以调用IsInRole()。请注意,这样做会影响您的角色提供程序,可能是SQL服务器或活动目录,因此涉及延迟,因此您不希望一直这样做。
Q2. - RE: PrincipalPermission authentication
Q2。 - RE:PrincipalPermission身份验证
Authenticated indicates that the user is logged in against your provider. You may want this if you need only auditing on your application, confirming the user is logged in to your role provider will mean that you can log who they are etc.
Authenticated表示用户已登录您的提供商。如果您只需要对应用程序进行审核,确认用户已登录到您的角色提供程序意味着您可以记录他们是谁等,则可能需要此操作。
You are correct in saying it's only useful where you don't care about who the user is, only that they are logged in.
你说它只是在你不关心用户是谁,只是他们已经登录的情况下才是正确的。
#1
Q1. - RE: PrincipalPermission methods vs. IPrincipal.IsInRole(..)
Q1。 - RE:PrincipalPermission方法与IPrincipal.IsInRole(..)
The two function calls make a PrincipalPermission that has the union or intersection of the roles you give it. Thus you end up with a principal that has a very specific set of demands, which you can then call IsInRole() upon. Note that doing this will hit your role provider which may be an SQL server or the active directory and thus have latency involved, so you don't want to do it all the time.
这两个函数调用使PrincipalPermission具有您为其提供的角色的并集或交集。因此,您最终会得到一个具有非常特定需求的主体,然后您可以调用IsInRole()。请注意,这样做会影响您的角色提供程序,可能是SQL服务器或活动目录,因此涉及延迟,因此您不希望一直这样做。
Q2. - RE: PrincipalPermission authentication
Q2。 - RE:PrincipalPermission身份验证
Authenticated indicates that the user is logged in against your provider. You may want this if you need only auditing on your application, confirming the user is logged in to your role provider will mean that you can log who they are etc.
Authenticated表示用户已登录您的提供商。如果您只需要对应用程序进行审核,确认用户已登录到您的角色提供程序意味着您可以记录他们是谁等,则可能需要此操作。
You are correct in saying it's only useful where you don't care about who the user is, only that they are logged in.
你说它只是在你不关心用户是谁,只是他们已经登录的情况下才是正确的。