I have a Web API 2 app using Windows auth. I have multiple controllers and this in my web.config for authorization:
In our environment we use this approach:
The names of Active Directory groups are stored in the app-settings. These names are different per environment.
Next we created a subtype of AuthorizeAttribute called AuthorizeWritersAttribute like this:
    using System.Configuration;
    using System.Web.Mvc; // for a Web API controller, use System.Web.Http instead

    public class AuthorizeWritersAttribute : AuthorizeAttribute
    {
        public AuthorizeWritersAttribute()
        {
            Roles = ConfigurationManager.AppSettings["SolutionName:AuthorizedWriters"];
            // Actually we removed the dependency on ConfigurationManager but for brevity this suffices.
        }
    }
Finally we apply this attribute to our controllers:
    [AuthorizeWriters]
    public class BlogController : Controller
    {
        ....
    }
We use AD-groups but AD-accounts should work as well.
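An added example, not part of the answer above: with a config-driven attribute like this, a missing or empty `SolutionName:AuthorizedWriters` setting leaves `Roles` empty, and `AuthorizeAttribute` then admits any authenticated user. The variant below fails closed instead; it assumes Web API 2 (`System.Web.Http`, as in the question), and the names `RoleSettings` and `AuthorizeWritersStrictAttribute` are hypothetical.

```csharp
using System.Configuration;
using System.Linq;
using System.Web.Http;

// Hypothetical helper: reads the app setting and insists on at least one group.
public static class RoleSettings
{
    public static string Require(string key)
    {
        string raw = ConfigurationManager.AppSettings[key];   // null when the key is absent

        // Normalise the list: drop blank entries and stray whitespace ("GroupA, ,GroupB ").
        string[] groups = (raw ?? string.Empty)
            .Split(',')
            .Select(g => g.Trim())
            .Where(g => g.Length > 0)
            .ToArray();

        // An empty Roles value means "any authenticated user", so refuse to continue.
        if (groups.Length == 0)
            throw new ConfigurationErrorsException(
                "App setting '" + key + "' must name at least one AD group.");

        return string.Join(",", groups);
    }
}

// Hypothetical fail-closed variant of the attribute from the answer.
public class AuthorizeWritersStrictAttribute : AuthorizeAttribute
{
    public AuthorizeWritersStrictAttribute()
    {
        Roles = RoleSettings.Require("SolutionName:AuthorizedWriters");
    }
}

[AuthorizeWritersStrict]
public class BlogController : ApiController
{
    public IHttpActionResult Get()
    {
        return Ok();   // reached only by members of a configured group
    }
}
```

With this variant, a deployment that lacks the setting produces an error on requests to the protected controller instead of authorizing every signed-in account.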