I need some clarifications for ASP.NET Membership; please help me with it. I am using ASP.NET MCV 3 framework and intending to use ASP.NET Membership for users & authentication management using either LDAP or SQL.
For what I've understood until now; ASP.NET Membership is:
[User] has [Role] or [Role] has [Users]
But in my project I have a more complex business logic; where I need this hierarchy to next level like
[User] has [Role] -> has [Tasks]
So I can dynamically assign/revoke tasks/permissions to my MVC controllers or actions;
I plan to get started with Membership with SQL Provider and than may be later on I'll switch to LDAP/AD.
I've also explored AzMan and NetSqlAzMan; they look ok to resolve the error but their usage seems odd; (not as neat as ASP.NET Membership; where we can simply use annotations to assign roles/tasks to a controller or its action.
Is ASP.NET Membership limited to Roles only? & no tasks/operations? Or is there any workaround for that?
Can I enjoy the simplicity of usage of ASP.NET Membership and on the same road have a next level hierarchy for Roles -> Tasks -> Operations.
Any help would be greatly appreciated.
Thanks!
ASP.NET's Membership provider only supports roles out of the box. It doesn't support tasks or operations. However it is relatively easy to create a custom Role Provider to meet just about any need.
For a good start check out 'Implementing a Role Provider' at http://msdn.microsoft.com/en-us/library/ie/8fw7xh74.aspx . You can also find a sample Role Provider at http://msdn.microsoft.com/en-us/library/ie/tksy7hd7.aspx .
ASP.NET Membership only supports Roles, no tasks or operations.
You can use attributes to signify which operations are allowed for which roles, like so:
[Authorize(Roles="Administrator")]
public ViewResult Edit(int id)
{
return View("Edit");
}
Or your code can do checking using the IsInRole method:
if (User.IsInRole("Administrator"))
{
...
}
Good luck!
来源:https://stackoverflow.com/questions/9016091/asp-net-mvc-membership-roles