All greetings Anyone can do their implementation Authorization system? Do not use the Membership API?
Of course we could implement custom providers to plug a different database into this framework, as detailed at MSDN, but if my application is going to use a repository pattern for data access, and I’m going to have specific controllers and views for creating/editing users, why should membership and authorization be routed through this other framework?
If yes: I'm just interested in how not to make holes in security. Use FormsAuthenticationTicket? How about IPr开发者_运维问答incipal?
Maybe you have some example or project on codeplex.com on other Authorization/Authentication
I use Kristoffer Ahl's excellent FluentSecurity library to manage authorization in a centralized place in my ASP.NET MVC applications. The thing I like most about it is that it keeps me from forgetting to secure controllers because it throws an Exception when a Controller is accessed for which there is no security policy specified.
Resources:
- Project Website: www.fluentsecurity.net
- NuGet Package: install-package FluentSecurity (see NuGet Gallery)
- Source Code: GitHub » kristofferahl » FluentSecurity
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论