添加自定义角色 - VB 2008 Winforms
我正在开发一个基于 winforms (VB 2008) 的应用程序,我想使用自定义角色进行用户访问。
应用程序布局: 我有一个主窗体,当发生某些操作时,它会打开登录窗体。登录表单实习生使用我创建的身份验证类来对用户进行身份验证并设置访问权限。在我的应用程序设置页面上,我将身份验证模式设置为应用程序定义,因为我无法在要部署此功能的环境中使用 Windows 身份验证。
该应用程序使用 MS SQL 2005 数据库,我在身份验证过程中使用的 3 个表是 User_Account 、 User_Roles 和 User_Access 表。 User_Account 中的帐户和 User_Roles 表中的角色的组合是 User_Access 表的基础。使用 User_Access 表是我分配对应用程序内各种功能的访问权限
身份验证方法: 为了对用户进行身份验证,我使用“My.User.CurrentPrincipal”(下面的代码)方法。 My.User 对象工作得很好,并且允许在引用当前经过身份验证的用户时在整个应用程序中使用“My.User.Name”属性。
访问方法: 为了设置当前用户的访问级别,我在 Authentication 类中使用一个函数,并将 My.User.Name 作为变量传递。该函数在 For 循环内使用数据集表适配器和 Select Case 语句来为用户分配所有访问级别(函数代码如下)。
我的问题: 这种为用户分配访问权限的方法确实有效,但它不像 My.User 对象那样在整个应用程序中持久存在。我想找到一种通过 My.User 对象使用其 .IsInRole 属性创建自定义角色的方法。我想使用我的 User_Roles 表动态创建这些角色。 这将允许使用 My.User.IsInRole("MyRole") 语法在整个应用程序中使用自定义角色...类似于我当前使用 My.User.Name 的方式。不幸的是,我当前可以验证的唯一角色是内置的 Windows 类型帐户(管理员...等)。
我发现了很多与 ASP.Net 以及设置 Winforms Windows 身份验证相关的信息和示例,但到目前为止没有任何内容与我的问题直接相关。 我认为有一种方法可以实现这一点......但我一直无法找到它。任何帮助将不胜感激!
感谢您的帮助!
'用户身份验证示例:
If Authenticate.CheckPassword(tbxUserName.Text, strPassword) Then
My.User.CurrentPrincipal = New GenericPrincipal(New GenericIdentity(tbxUserName.Text), Nothing)
'访问分配示例:
Public Shared Function GetUser(ByVal strUsername As String) As Authenticate
Using UserAdapter As New dbUserTableAdapters.User_AccountsTableAdapter()
Dim UserTable As dbUser.User_AccountsDataTable = UserAdapter.GetByUser(strUsername)
Dim tempUser As New Authenticate() _
With {.ID = UserTable(0).id, _
.Username = UserTable(0).User_Name, _
.Password = UserTable(0).id}
Using AccessAdapter As New dbUserTableAdapters.User_AccessTableAdapter()
Dim AccessTable As dbUser.User_AccessDataTable = AccessAdapter.GetByUser(tempUser.ID)
For c As Integer = 0 To AccessTable.Rows.Count - 1
Select Case AccessTable(c).Role_Id
Case RoleType.SysAdmin
tempUser.AllowSysAdmin = True
Case RoleType.Maintenance
tempUser.AllowMaintenance = True
Case RoleType.ReportAll
tempUser.AllowRptAll = True
Case RoleType.ReportException
tempUser.AllowRptExceptions = True
Case RoleType.EventManagment
tempUser.AllowEventStart = True
Case Else
End Select
Next
Return tempUser
End Using
End Using
End Function
I have a winforms (VB 2008) based app that I'm developing and I want to use custom roles for user access.
Application Layout:
I have a Main form that opens a login form when certain actions occur. The Login form intern uses an authentication class that I've created, to authenticate users and set access rights. On my Applications settings page, I have Authentication Mode set to Application-defined because I cannot use Windows Authentication in the environment where this will be deployed.
The application uses a MS SQL 2005 db and the 3 tables I'm using in the authentication process are the User_Account , User_Roles and User_Access tables. The combination of an account in the User_Account and the roles within the User_Roles table are the bases for the User_Access table. Using the User_Access table is how I assign access to the various functions within the application
Authentication Method:
To authenticate a user, I'm using the "My.User.CurrentPrincipal" (Code below) method. The My.User object works great and allows the use of "My.User.Name" property throughout the app when referring to the currently authenticated user.
Access Method:
In order to set the current users access levels I'm using a function within my Authentication class and passing in My.User.Name as a variable. The function uses a Dataset Table Adaptor and a Select Case statement inside a For loop to assign all the access levels for the user (Function code below).
My Problem:
This method of assigning access rights to a user does work but it's not persistent throughout the application as the My.User object is. I would like to find a way to create custom roles through the My.User object using its .IsInRole property. I would like to have these roles dynamically created using my User_Roles table.
This would allow the custom roles to be used throughout my application using the My.User.IsInRole("MyRole") syntax ...similar to how I'm currently able to use My.User.Name. Unfortunately the only roles I can currently validate against are the built in Windows type accounts (Adminisrator ...ect.).
I have found lots of information and examples related to ASP.Net as well as setting up Winforms Windows authentication but nothing so far directly related to my issue.
I think there's a way to accomplish this...but I have not been able to find it. Any help would be greatly appreciated!!
Thank you for your help!
'User Authentication example:
If Authenticate.CheckPassword(tbxUserName.Text, strPassword) Then
My.User.CurrentPrincipal = New GenericPrincipal(New GenericIdentity(tbxUserName.Text), Nothing)
'Access assignment example:
Public Shared Function GetUser(ByVal strUsername As String) As Authenticate
Using UserAdapter As New dbUserTableAdapters.User_AccountsTableAdapter()
Dim UserTable As dbUser.User_AccountsDataTable = UserAdapter.GetByUser(strUsername)
Dim tempUser As New Authenticate() _
With {.ID = UserTable(0).id, _
.Username = UserTable(0).User_Name, _
.Password = UserTable(0).id}
Using AccessAdapter As New dbUserTableAdapters.User_AccessTableAdapter()
Dim AccessTable As dbUser.User_AccessDataTable = AccessAdapter.GetByUser(tempUser.ID)
For c As Integer = 0 To AccessTable.Rows.Count - 1
Select Case AccessTable(c).Role_Id
Case RoleType.SysAdmin
tempUser.AllowSysAdmin = True
Case RoleType.Maintenance
tempUser.AllowMaintenance = True
Case RoleType.ReportAll
tempUser.AllowRptAll = True
Case RoleType.ReportException
tempUser.AllowRptExceptions = True
Case RoleType.EventManagment
tempUser.AllowEventStart = True
Case Else
End Select
Next
Return tempUser
End Using
End Using
End Function
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我认为您需要实现一个自定义 IPrincipal 对象来访问您的 SQL 表。请尝试此页面。
编辑:
首先,看看 IIdentity 的定义 和 IPrincipal。您会注意到 IIdentity 没有定义“角色”属性。他们选择在 IIdentity (SampleIIdentity) 实现中实现一个名为 Role 的附加属性,然后在 IPrincipal 实现中使用它。我建议您实现自己的 Role 属性(查询现有表)并返回您自己定义的 Role 类型之一(或数组)。然后,在 IPrincipal 的实现中,您可以编写 IsInRole 代码来查询新的 Role 属性。希望这比我相当肤浅的答案更有意义。
I think you need to implement a custom IPrincipal object which accesses your SQL table. Try this page.
Edit:
First, have a look at the definitions of IIdentity and IPrincipal. You'll note that IIdentity doesn't have a 'Role' property defined. They've chosen to implement an additional property called Role on their implementation of IIdentity (SampleIIdentity) and then they've used it from their implementation of IPrincipal. What I'm suggesting is that you implement your own Role property (which queries your existing table) and returns one (or an array) of a Role type you define yourself. Then in your implementation of IPrincipal, you can code IsInRole to query the new Role property. Hopefully that makes more sense that my rather skimpy answer.