发表新帖
发表新帖

What is the idea behind IIdentity and IPrincipal in .NET

前端 未结
关注
4 1504
清歌不尽
清歌不尽 2021-01-30 16:23

So, what is the purpose for existence of both IIdentity and IPrincipal, and not some IIdentityMergedWithPrincipal? When is it not enough t

相关标签:
4条回答
  • 失恋的感觉
    2021-01-30 16:45

    As MSDN site says:

    The identity object encapsulates information about the user or entity being validated. At their most basic level, identity objects contain a name and an authentication type.

    whereas

    The principal object represents the security context under which code is running.

    Refer to the above link for a lot more info.

    HTH

    0 讨论(0)
  • 野趣味
    2021-01-30 17:00

    IIdentity is just used for the user's authenticated identity, regardless of what roles they may have.

    IPrincipal is used to combine a user's identity with the authorized roles they have in a given security context.

    For example, you can use a third-party login provider, like Facebook or Google, to get the user's identity, but you will not get a principal from those providers, as they don't provide any roles. You can use your own application or a third-party role-based authorization provider to apply roles to, say, a FacebookIdentity or GoogleIdentity. A different application can expect a different principal, with its own roles, but still use the same identity as in another application.

    0 讨论(0)
  • 梦如初夏
    2021-01-30 17:02

    A principal is the security context of a user.

    In the case of .NET, a principal supports the concept of having more than one identity (This has nothing to do with claims yet). This is particularly important when it comes to semantics that developers need to deal with when it comes to user identity. You may be called on as a developer to support multiple identities coming from different sources (identity providers IdPs), for example: Twitter, Google, whatever.

    So what's the different between a IPrincipal and IIDentity? IPrincipal is the security context (for a single thread), and the IIDentity is the set of attributes associated with that user coming from a specific identity provider / authority.

    0 讨论(0)
  • 北恋
    2021-01-30 17:12 
    public class HBPrincipal : IPrincipal
{
     private HBIdentity _identity;

     public HBPrincipal(HBIdentity identity)
    {
        _identity = identity;
    }

    public IIdentity Identity
    {
        get
        {
            return _identity;
        }
    }

    public bool IsInRole(string role)
    {
        // TODO implement roles
        return false;
    }
}
    0 讨论(0)
 看不清?
提交回复
热议问题