ASP.NET Tutorial/Authentication Authorization/Role
Содержание
Adding roles to the application
<source lang="csharp">
<%@ Page Language="C#" %> <script runat="server">
protected void Page_Load(object sender, EventArgs e) { ListBoxDataBind(); } protected void Button1_Click(object sender, EventArgs e) { Roles.CreateRole(TextBox1.Text.ToString()); ListBoxDataBind(); } protected void ListBoxDataBind() { ListBox1.DataSource = Roles.GetAllRoles(); ListBox1.DataBind(); }
</script> <html xmlns="http://www.w3.org/1999/xhtml" > <head id="Head1" runat="server">
<title>Role Manager</title>
</head> <body>
<form id="form1" runat="server">
Role Manager
Add Role:
<asp:TextBox ID="TextBox1" Runat="server"></asp:TextBox> <asp:Button ID="Button1" Runat="server" Text="Add Role to Application" OnClick="Button1_Click" /> Roles Defined:
<asp:ListBox ID="ListBox1" Runat="server"> </asp:ListBox> </form>
</body> </html></source>
Assigning a new user to a role.
<source lang="csharp">
File: Web.Config <configuration>
<system.web> <authorization> <allow roles="Managers"/> <deny users="*"/> </authorization> </system.web>
</configuration></source>
Configuring the WindowsTokenRoleProvider
<source lang="csharp">
When you use the WindowsTokenRoleProvider, roles correspond to Microsoft Windows groups. File: Web.Config <configuration>
<system.web> <authentication mode="Windows" /> <roleManager enabled="true" defaultProvider="MyRoleProvider"> <providers> <add name="MyRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" /> </providers> </roleManager> </system.web>
</configuration></source>
Displaying a user"s roles.
<source lang="csharp">
<%@ Page Language="C#" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server">
void Page_Load() { if (!Request.IsAuthenticated) { FormsAuthentication.RedirectToLoginPage(); Response.End(); } if (!Roles.RoleExists("Managers")) Roles.CreateRole("Managers"); if (!Roles.RoleExists("Sales")) Roles.CreateRole("Sales"); if (!Roles.IsUserInRole("Managers")) Roles.AddUserToRole(User.Identity.Name, "Managers"); if (!Roles.IsUserInRole("Sales")) Roles.AddUserToRole(User.Identity.Name, "Sales"); }
</script> <html xmlns="http://www.w3.org/1999/xhtml" > <head id="Head1" runat="server">
<title>Show Roles</title>
</head> <body>
<form id="form1" runat="server">
Your Roles
<asp:GridView id="grdRoles" DataSourceID="srcRoles" EmptyDataText="You are not a member of any roles" GridLines="none" Runat="server" /> <asp:ObjectDataSource id="srcRoles" TypeName="System.Web.Security.Roles" SelectMethod="GetRolesForUser" Runat="server" />
</form>
</body> </html></source>
Displaying different content to members of the Windows Administrators group.
<source lang="csharp">
<%@ Page Language="C#" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" > <head id="Head1" runat="server">
<title>Show Windows Roles</title>
</head> <body>
<form id="form1" runat="server">
<asp:LoginView id="LoginView1" Runat="server"> <RoleGroups> <asp:RoleGroup Roles="BUILTIN\Administrators"> <ContentTemplate>
Welcome Administrator!
</ContentTemplate> </asp:RoleGroup> </RoleGroups> <LoggedInTemplate>
Welcome Average User!
</LoggedInTemplate> </asp:LoginView>
</form>
</body> </html></source>
Enables the SqlRoleProvider.
<source lang="csharp">
The Role Manager is disabled by default. File: Web.Config <configuration>
<system.web> <roleManager enabled="true" /> <authentication mode="Forms" /> </system.web>
</configuration></source>
Getting all the roles of a specific user
<source lang="csharp">
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs)
GridView1.DataSource = Roles.GetRolesForUser("userName") GridView1.DataBind()
End Sub</source>
Looking up users in a particular role
<source lang="csharp">
<%@ Page Language="C#" %> <script runat="server">
protected void Page_Load(object sender, EventArgs e) { DropDownDataBind(); } protected void Button1_Click(object sender, EventArgs e) { GridView1.DataSource = Roles.GetUsersInRole(DropDownList1.SelectedValue); GridView1.DataBind(); DropDownDataBind(); } protected void DropDownDataBind() { DropDownList1.DataSource = Roles.GetAllRoles(); DropDownList1.DataBind(); }
</script>
<html xmlns="http://www.w3.org/1999/xhtml" > <head id="Head1" runat="server">
<title>Role Manager</title>
</head> <body>
<form id="form1" runat="server"> Roles: <asp:DropDownList ID="DropDownList1" Runat="server"> </asp:DropDownList> <asp:Button ID="Button1" Runat="server" Text="Get Users In Role" OnClick="Button1_Click" />
<asp:GridView ID="GridView1" Runat="server"> </asp:GridView> </form>
</body> </html></source>
Windows roles
<source lang="csharp">
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server">
<title>Untitled Page</title>
</head> <body>
<form id="form1" runat="server">
<asp:Label ID="LabelPrincipalInfo" runat="server" />
</form>
</body> </html> File: Web.config <?xml version="1.0"?> <configuration xmlns="http://schemas.microsoft.ru/.NetConfiguration/v2.0">
<system.web> <compilation debug="true"/> <authentication mode="Windows"/> <authorization> <deny users="?" /> </authorization> <roleManager enabled="true" cacheRolesInCookie="false" defaultProvider="WindowsRoles"> <providers> <add name="WindowsRoles" type="System.Web.Security.WindowsTokenRoleProvider" /> </providers> </roleManager> </system.web>
</configuration> File: Default.aspx.cs
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Text; public partial class _Default : System.Web.UI.Page {
protected void Page_Load(object sender, EventArgs e) { if ((User != null) && (User.Identity.IsAuthenticated)) { RolePrincipal rp = (RolePrincipal)User; StringBuilder Info = new StringBuilder();Info.AppendFormat("
Welcome {0}!
", User.Identity.Name);Info.AppendFormat("Provider: {0}
", rp.ProviderName); Info.AppendFormat("Version: {0}
", rp.Version); Info.AppendFormat("Expiration: {0}
", rp.ExpireDate); Info.AppendFormat("Roles:
"); string[] Roles = rp.GetRoles(); foreach (string role in Roles) { if (!role.Equals(string.Empty)) Info.AppendFormat("-) {0}
", role); } LabelPrincipalInfo.Text = Info.ToString(); } }
}</source>