如何使用Identity框架在C#和ASP.NET中配置基于角色的访问权限?

时间:2021-03-03 23:02:39

What I have tried so far:

到目前为止我尝试了什么:

I placed a Web.config in a folder I want to protect with the following content which should grant access to admin, second_level and third_level users only.

我将Web.config放在我要保护的文件夹中,其中包含以下内容,这些内容应仅授予对admin,second_level和third_level用户的访问权限。

<?xml version="1.0"?>
<configuration>
  <system.web>
    <authorization>
      <allow roles="admin"/>
      <allow roles="second_level"/>
      <allow roles="third_level"/>
      <deny roles="first_level"/>
      <deny roles="blocked"/>
      <deny users="*" />
    </authorization>
  </system.web> 
</configuration>

In the main Web.config I put:

在我主要的Web.config中:

<roleManager enabled="true" defaultProvider="myapp.App_Code.SecurityAppRoleProvider" cacheRolesInCookie="true" createPersistentCookie="false" cookieProtection="All">
  <providers>
    <clear />
  </providers>
</roleManager>

The custom role provider:

自定义角色提供程序:

 namespace myapp.App_Code
{
    public class SecurityAppRoleProvider : System.Configuration.Provider.ProviderBase
    {
        public SecurityAppRoleProvider()
        {
            var i = 0; // breakpoint here will never be reached?
        }

    }
}

At this point there are some things I am struggling with:

在这一点上,我正在努力解决一些问题:

  1. The <deny users="*" /> works. The ASP.NET app redirects me to the login page which is the beahvior I need. But the roles are are not considered by web application. Which means all users are currently blocked to access the page even if they are member of role admin.

    2. 有效。 ASP.NET应用程序将我重定向到登录页面,这是我需要的行为。但Web应用程序不考虑角色。这意味着即使所有用户都是角色管理员,也阻止所有用户访问该页面。

  2. SecurityAppRoleProvider will never be instanced so I guess I need to register the custom role provider else where?

    3. SecurityAppRoleProvider永远不会被实例化,所以我想我需要在其他地方注册自定义角色提供者?

  3. Is not there a default Role Provider which should be used in connection with ASP.Net Identity Framework without code a custom one?

    4. 是不是有一个默认的角色提供程序,它应该与ASP.Net Identity Framework结合使用而不需要自定义的代码?

1 个解决方案

#1

0  

I put this into main Web.config to solve the issue.

我把它放到主Web.config来解决这个问题。

<roleManager enabled="true">
  <providers>
    <clear/>
    <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="DefaultConnection" applicationName="/your-app-name"/>
    <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/your-app-name"/>
  </providers>
</roleManager>

#1

0  

I put this into main Web.config to solve the issue.

我把它放到主Web.config来解决这个问题。

<roleManager enabled="true">
  <providers>
    <clear/>
    <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="DefaultConnection" applicationName="/your-app-name"/>
    <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/your-app-name"/>
  </providers>
</roleManager>
标签:

相关文章