Extending Windows Authentication in ASP.NET MVC 3 Application

前端 未结 1 1666
爱一瞬间的悲伤
爱一瞬间的悲伤 2021-01-30 19:09

after a lot of googling and reading several solutions on how to manage mixed mode authentication in ASP.NET apps, I still have no fitting solution for my problem.

I\'ve

相关标签:
1条回答
  • 2021-01-30 19:13

    I'm not sure if this still applies in MVC, but in Webforms one way to do this would be as follows:

    1. Create a new IPrincipal implementation perhaps extending WindowsPrincipal
    2. In this class, give it a collection of roles (your own custom roles)
    3. Populate those roles, by perhaps getting them from the DB.
    4. Override IsInRole to return true if the role provided is EITHER true from the base call (WindowsAuthentication/Role) OR from your own custom role collection.

    This way you can still hook into Principal.IsInRole("MyRole") and also the principal [PrincipalPermission()] annotation.

    Hope it helps.

    EDIT in answer to q's:

    To integrate the principal into the authorisation you need to write your own method for OnAuthenticate in the global.asax for the type of authentication, so I would guess for you, something like this:

    void WindowsAuthentication_OnAuthenticate(object sender, WindowsAuthenticationEventArgs e)
    {
        // ensure we have a name and made it through authentication
        if (e.Identity != null && e.Identity.IsAuthenticated)
        {
            //create your principal, pass in the identity so you know what permissions are tied to
            MyCustomePrincipal opPrincipal = new MyCustomePrincipal(e.Identity);            
            //assign your principal to the HttpContext.Current.User, or perhaps Thread.Current
            HttpContext.Current.User = opPrincipal;    
        }
    }
    

    I believe Authorize came in at a later date to the PrincipalPermission, but I'm not too sure as to when/why of the differences I'm afraid :( - sorry!

    0 讨论(0)
提交回复
热议问题