我创建自己的IPrincipal
和IIdentity
实现,如下所示:
[ComVisible(true)]
[Serializable]
public sealed class CustomIdentity : IIdentity {
private readonly string _name;
private readonly string _email;
// and other stuffs
public CustomIdentity(string name) {
_name = name.Trim();
if(string.IsNullOrWhiteSpace(name))
return;
_email = (connect to database and read email and other stuffs);
}
public string Name {
get { return _name; }
}
public string Email {
get { return _email; }
}
public string AuthenticationType {
get { return "CustomIdentity"; }
}
public bool IsAuthenticated {
get { return !string.IsNullOrWhiteSpace(_name); }
}
}
[ComVisible(true)]
[Serializable]
public sealed class CustomPrincipal : IPrincipal {
private readonly CustomIdentity _identity;
public CustomPrincipal(CustomIdentity identity) {
_identity = identity;
}
public bool IsInRole(string role) {
return _identity != null &&
_identity.IsAuthenticated &&
!string.IsNullOrWhiteSpace(role) &&
Roles.IsUserInRole(_identity.Name, role);
}
IIdentity IPrincipal.Identity {
get { return _identity; }
}
public CustomIdentity Identity {
get { return _identity; }
}
}
另外,我创建一个
HttpModule
,并在其AuthenticateRequest
事件中执行以下操作: public void Init(HttpApplication context) {
_application = context;
_application.AuthenticateRequest += ApplicationAuthenticateRequest;
}
private void ApplicationAuthenticateRequest(object sender, EventArgs e) {
var formsCookie = _application.Request.Cookies[FormsAuthentication.FormsCookieName];
var identity = formsCookie != null
? new CustomIdentity(FormsAuthentication.Decrypt(formsCookie.Value).Name)
: new CustomIdentity(string.Empty);
var principal = new CustomPrincipal(identity);
_application.Context.User = Thread.CurrentPrincipal = principal;
}
另外,我创建自己的
Controller
和WebViewPage
像这样:public abstract class CustomController : Controller {
public new CustomPrincipal User {
get {
var user = System.Web.HttpContext.Current.User as CustomPrincipal;
return user;
}
}
}
public abstract class CustomWebViewPage<TModel> : WebViewPage<TModel> {
public new CustomPrincipal User {
get {
// (Place number 1) here is the error I'm speaking about!!!
var user = HttpContext.Current.User as CustomPrincipal;
return user;
}
}
}
如上面的代码所示,似乎一切正确。但是正如您所看到的,在位置1 中,我无法访问
CustomPrincipal
!在这个地方,我有一个RolePrincipal
而不是CustomPrincipal
。例如HttpContext.Current.User
是RolePrincipal
而不是CustomPrincipal
。但是RolePrincipal.Identity
属性是CustomIdentity
! 最佳答案
您的错误在这里:
_application.AuthenticateRequest += ApplicationAuthenticateRequest;
有一个名为
HttpModule
的RoleManagerModule
,它会调用HttpApplication.PostAuthenticateRequest
中的方法,并将HttpContext.Current.User
设置为RolePrincipal
。因此,您在User
中设置了AuthenticateRequest
,而RoleManagerModule
在PostAuthenticateRequest
中设置了它,意味着设置之后,因此将覆盖您的设置。更改您的Module.Init
:public void Init(HttpApplication context) {
_application = context;
// change just this line:
_application.PostAuthenticateRequest += ApplicationAuthenticateRequest;
}
重要更新:
如果此方法不起作用,请再次查看this question(由入门者再次询问,取决于当前问题)以寻求第二种解决方案。
关于asp.net-mvc-3 - 在MVC3中使用自定义IPrincipal和IIdentity,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/10742259/