您的位置:首页 > 理论基础 > 计算机网络

认识HttpContext.User

2016-04-25 21:51 344 查看
HttpContext.User,即IPrincipal

.net源代码

namespaceSystem.Security.Principal
{
///<summary>Definesthebasicfunctionalityofaprincipalobject.</summary>
[__DynamicallyInvokable,ComVisible(true)]
publicinterfaceIPrincipal
{
///<summary>Getstheidentityofthecurrentprincipal.</summary>
///<returns>The<seecref="T:System.Security.Principal.IIdentity"/>objectassociatedwiththecurrentprincipal.</returns>
[__DynamicallyInvokable]
IIdentityIdentity
{
[__DynamicallyInvokable]
get;
}
///<summary>Determineswhetherthecurrentprincipalbelongstothespecifiedrole.</summary>
///<returns>trueifthecurrentprincipalisamemberofthespecifiedrole;otherwise,false.</returns>
///<paramname="role">Thenameoftheroleforwhichtocheckmembership.</param>
[__DynamicallyInvokable]
boolIsInRole(stringrole);
}
}


IPrincipal.Identity属性(只读)
.net源代码


///<summary>Definesthebasicfunctionalityofanidentityobject.</summary>
[__DynamicallyInvokable,ComVisible(true)]
publicinterfaceIIdentity
{
///<summary>Getsthenameofthecurrentuser.</summary>
///<returns>Thenameoftheuseronwhosebehalfthecodeisrunning.</returns>
[__DynamicallyInvokable]
stringName
{
[__DynamicallyInvokable]
get;
}
///<summary>Getsthetypeofauthenticationused.</summary>
///<returns>Thetypeofauthenticationusedtoidentifytheuser.</returns>
[__DynamicallyInvokable]
stringAuthenticationType
{
[__DynamicallyInvokable]
get;
}
///<summary>Getsavaluethatindicateswhethertheuserhasbeenauthenticated.</summary>
///<returns>trueiftheuserwasauthenticated;otherwise,false.</returns>
[__DynamicallyInvokable]
boolIsAuthenticated
{
[__DynamicallyInvokable]
get;
}
}


Identity的种类



MVC的授权过滤器AuthorizeAttribute,即利用了Httpcontext.User来验证当前请求是否已被认证。
.net源代码如下


publicclassAuthorizeAttribute:FilterAttribute,IAuthorizationFilter
{
protectedvirtualboolAuthorizeCore(HttpContextBasehttpContext)
{
if(httpContext==null)
{
thrownewArgumentNullException("httpContext");
}
IPrincipaluser=httpContext.User;
returnuser.Identity.IsAuthenticated&&(this._usersSplit.Length<=0||this._usersSplit.Contains(user.Identity.Name,StringComparer.OrdinalIgnoreCase))&&(this._rolesSplit.Length<=0||this._rolesSplit.Any(newFunc<string,bool>(user.IsInRole)));
}
}



                                            

                                        

                        
                        内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息 
                    

                    

                    

                        

                         标签: 
                                                

                        

                    


                

            


            

                
相关文章推荐

                

                
            

        

        

            

            
            

                

                    
新的分享

                    

                        
                    

                

            


            

                

                    
章节导航