What is the claims in ASP .NET Identity
Can somebody please explain, what the claim mechanism means in new ASP.NET Identity Core?
As I can see, there is an AspNetUserLogins table, which contai
-
Just to add more on what @Lin has said above. I am specifically refering to the question:
What time i have to use role-based security and when claim-based? Could you please write a few examples?
Consider a case where you have a clocking system where you have a technician and a manager. At the end of every week, the technician must arrange reports with clocking information showing hours of work artisans worked for that week, which is consolidated and used by payroll. Such systems often have to be amended or corrected before final reports are submitted, because you don't want to overpay or underpay your employees. You can use a
Role-Basedapproach for the Manager and Technician by creating aManager RoleandTechnician Role. But theManager Roleis the one with the ability to access and edit the clocking information of the artisans. On the other hand, you can have theTechnician Rolewithout these abilities to access that information. But Here's the interesting part; A manager can make a claim and allow a technician to access the Clocking Systems and make reports. So a claim can be made only for access without edit or can be made with access and edit capabilities.It is more like saying, Well, By default as the manager I can access some information that my technician can't access. But I am not always around the office? what can I do so that he can still do the work even when I am not around? To solve this the system can have the feature for the managers to create claims for people without access to some specific information. We often see these everywhere in our ERP systems. A user without access to some modules and when they get promoted they're giving permission to more modules of the ERP system, sometimes keeping the same user role.
This is an example you can consider to understand claims and roles more.
加载中...
- 热议问题