authorization

问题 I've got a bit of an auth problem with with TeamCity when running a command line build. It's related to an existing question about executing an svn checkout command but I want to ask it explicitly here: Why is it that when the TeamCity build agent service is configured to run under a specific Active Directory account and not the local system account, when I execute this command: echo "%username%" I get this build output: [20:52:04]: C:\TeamCity\buildAgent\work\b67560ceb299718c>echo "SYSTEM"

问题 I've got a bit of an auth problem with with TeamCity when running a command line build. It's related to an existing question about executing an svn checkout command but I want to ask it explicitly here: Why is it that when the TeamCity build agent service is configured to run under a specific Active Directory account and not the local system account, when I execute this command: echo "%username%" I get this build output: [20:52:04]: C:\TeamCity\buildAgent\work\b67560ceb299718c>echo "SYSTEM"

问题 In my application a role has several permissions. And I want users to have access to actions dependent on permission, not the role. So suppose: Admin has perm1, perm2, perm3, SuperAdmin has all the permissons that admin has + perm4 and perm5. Also, there are some minor guys also who have perm1, perm3, perm6, perm7. I want to do the following: I want action to be accessible by guy who has suppose perm3 or perm4. those two permissions are from two different roles. but beside perm3 Admin has

问题 I am developing a .NET for ASP.NET Web Application and am trying to deny all users who are unauthorised from accessing my application but allowing them only to the login page. Below is a snippet of the code which is inside my system.web section: <authentication mode="Forms"> <forms loginUrl="Login.aspx" timeout="60" name="APPNAME" slidingExpiration="true" /> </authentication> <authorization> <deny users="?" /> </authorization> I also have this outside to allow access to the login page:

问题 I have a web application that has a configuration folder that houses multiple XML files that are configuration settings for multiple "portals" as you will. I need IIS to have access to them so the "portal" loads (sql connection strings, master page paths) but I want to deny any outside access (url browsing). Here's an example below: http://www.mywebsite/virtualdirectory/configurationdirectory/configfile.xml I need to restrict access to this file if you're browsing to it but still allow the

问题 I was following this series about Mobile Services and I am using examples in latest tutorial. Now I want to impelement registering and login in Windows Phone for example. I changed to Insert permission to anyone with application key and I can Insert new user by this code: await accountTable.InsertAsync(new accounts() { Username = "admin", Password = "mypassword" }); But I don't know how can I now check for login user? How to get token? 回答1: The post you referred was written at the end of last

问题 Is it possible to authorise/deny users of an MVC3 application using AD? My app is secured using Windows authentication at the moment, but that means adding users to groups on the Win2007 server. I'd like to change that so that users were allowed/denied access to the appliction/and controller actions/view based upon their AD roles instead, so they either auto-logged in (like Windows auth) or they get redirected to a "denied" page. Any help very gratefully accepted...everything I find seems to

问题 I have a C# .net application which servers both company's internal users and external customers. I need to do fine-grained authorization like who accesses what resource. So I need something like resource-based or attribute-based rather than a role-based authorization. What comes to my mind is to either: Implement my own authorization mechanism and sql tables for my .net application Use/implement a standard mechanism, like a software that has implemented XACML (for instance Axiomatics) The

问题 I use a custom AuthorizationFilter like the followings: public class ActionAuthorizeAttribute : AuthorizeAttribute { protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext) { if(!httpContext.User.Identity.IsAuthenticated) return false; if(IsUserExcluded()) return false; else return IsRoleAuthorize(httpContext); } } I use this filter at the top of each action I have, and for check Is Authorized, need Action Name, Controller Name, And Area Name. So is there any way to get

问题 I have a webforms application which was built with ASP.NET Membership. I migrated to Identities successfully. I now want to use Claims authorization instead of Roles authorization, but the Role information for the old users has been migrated to the AspNetUserRoles table in the database but the AspNetUserClaims table is empty. New users registered after migration, I can add to AspNetUserClaims with the following code: IdentityResult result1 = manager.AddClaim(user.Id, new Claim(ClaimTypes.Role