问题
So I know it's possible to store Users and Roles on SQL server but I was wondering if it was also possible to store the access rules on SQL Server. I've searched but I can't find anything.
Our auditor requires us to run reports that tell us which users have access to which websites. Currently I am parsing each web.config file to see which users/roles have access, storing that in SQL server and running a report off of that but I am hoping there is a better way. Any input is appreciated.
Thanks in advance.
回答1:
If you don't find any ready-to-use solution you can add an Application_BeginRequest that looks up the required permissions for the requested page (preferrably cached in memory to avoid DB roundtrips) and then executes a PrincipalPermission on the role required.
来源:https://stackoverflow.com/questions/6983558/store-asp-net-access-rules-on-sql-server