Windows 身份验证可用的角色
我正在尝试将角色身份验证添加到 ASP.NET MVC 应用程序中控制器中的操作。 代码如下所示:
[Authorize(Roles = "SomeRoleName")]
public ActionResult Index()
{
bool inRole = User.IsInRole("Admin");
如果我删除 Authorize 属性并在该代码示例的最后一行放置断点,是否有办法检查对象并找出可用的角色?
例如,我在“立即”窗口中调用 User.IsInRole("Admin),它会给我一个真/假值。我如何访问可用角色的集合?
I'm trying to add Roles authentication to an Action in a Controller in an ASP.NET MVC application. The code looks something like this:
[Authorize(Roles = "SomeRoleName")]
public ActionResult Index()
{
bool inRole = User.IsInRole("Admin");
If I remove the Authorize attribute and put a breakpoint on the last line in that code sample, is there a way that I can inspect the objects and find out what roles are available?
e.g. I call User.IsInRole("Admin) in the Immediate window and it will give me a true/false value. How can I access the collection of roles available?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
如果您不需要以编程方式执行此操作,但您正在尝试确定需要指定的正确 Windows 组/角色,则可以从命令行使用此命令:
否则您将需要查询 Active Directory 的 LDAP 部分,或者使用 DirectoryServices 下的某些内容。
查看这些网站,通过 C# 访问 Active Directory:
If you don't need to do this programatically, but you are trying to determine the correct Windows Groups/Roles that need to be specified, you can use this from the command line:
Otherwise you will need to query the LDAP part of Active Directory, or use something under DirectoryServices.
Take a look at these websites to access Active Directory via C#:
将其添加到 system.web 下的 web.config 中:
然后您可以使用:
或:
Add this to your web.config under system.web:
Then you can use:
or:
您可以使用 System.Web.Security.Roles.Provider 中 RoleProvider 类的各种方法。
有关详细信息,请参阅此内容:角色提供程序
You can use the various methods on the RoleProvider class in System.Web.Security.Roles.Provider.
See this for more: Role Provider
我猜您在这里没有使用角色提供程序,而是依靠 WindowsPrincipal 的底层功能,其中角色映射到用户组。 无论如何,我认为除了枚举该计算机/该域中可用的 Windows 组之外,我们不能做更多的事情。 不确定这是否有帮助,但这就是我所能说的,而不知道您要对所述角色列表做什么。
I'm guessing you aren't using a role provider here, but falling back on the underlying functionality of WindowsPrincipal where the roles map to the user's groups. Anyhow, I don't think one can do more than enumerate the windows groups available on that machine/in that domain. Not sure if this helps, but that's all I can say without having an idea of what you are trying to do with said roles list.