I'm comfortable with the ASP.NET security model whereby one can allow/deny access to users in the web.config based on what roles they are in e.g.
You can use Azman as described in this MSDN article.
But there are a number of things I don't like about Azman, so I rolled my own as a complement to the RoleProvider (additional tables, APIs and admin tools that manage the mapping of permissions to roles).
My custom implementation is very simple:
M-N relationship between roles and permissions.
An API "HasPermission" that tests if a given principal has a given permission. This simply iterates through all roles and checks if the role has the given permission. The mapping permission-roles is cached using the ASP.NET cache for performance reasons.
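
A sketch of the kind of check the answer above describes, added here as an illustration and not the answer author's code. The class name, cache key, five-minute expiry and the role and permission names are all assumptions, and `LoadMapping` stands in for the query over the role-permission tables.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;
using System.Web;          // HttpRuntime (reference System.Web.dll)
using System.Web.Caching;  // Cache

public static class PermissionChecker
{
    private const string CacheKey = "authz:role-permissions"; // hypothetical key name

    // Stand-in for the query over the M-N join table; rows are constructed sample data.
    private static Dictionary<string, HashSet<string>> LoadMapping()
    {
        var cmp = StringComparer.OrdinalIgnoreCase;
        return new Dictionary<string, HashSet<string>>(cmp)
        {
            { "Editors", new HashSet<string>(cmp) { "Article.Edit", "Article.Publish" } },
            { "Readers", new HashSet<string>(cmp) { "Article.View" } }
        };
    }

    private static Dictionary<string, HashSet<string>> GetMapping()
    {
        var map = HttpRuntime.Cache[CacheKey] as Dictionary<string, HashSet<string>>;
        if (map == null)
        {
            map = LoadMapping();
            // Absolute expiry bounds how long a revoked permission can stay effective.
            HttpRuntime.Cache.Insert(CacheKey, map, null,
                DateTime.UtcNow.AddMinutes(5), Cache.NoSlidingExpiration);
        }
        return map; // never mutated after caching, so concurrent reads are safe
    }

    // Call from the admin tool after any change to the role-permission mapping.
    public static void Invalidate() { HttpRuntime.Cache.Remove(CacheKey); }

    public static bool HasPermission(IPrincipal principal, string permission)
    {
        // Deny by default: no principal, anonymous user or empty permission name.
        if (principal == null || principal.Identity == null
            || !principal.Identity.IsAuthenticated || string.IsNullOrEmpty(permission))
            return false;
        // Iterate the roles; grant only if a role holding the permission applies to the user.
        foreach (var entry in GetMapping())
            if (entry.Value.Contains(permission) && principal.IsInRole(entry.Key))
                return true;
        return false;
    }
}
```

A page or handler would call `PermissionChecker.HasPermission(Context.User, "Article.Edit")`. Calling `Invalidate()` whenever the mapping changes keeps a revoked permission from lingering until the cache entry expires.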