asp.net-mvc-3 – 在MVC3中使用自定义的IPrincipal和IIdentity

发布时间：2020-12-15 23:35:45 所属栏目：asp.Net 来源：网络整理

导读：我创建了我自己的IPrincipal和IIdentity实现,如下所示： [ComVisible(true)][Serializable]public sealed class CustomIdentity : IIdentity { private readonly string _name; private readonly string _email; // and other stuffs public CustomIdentity(

我创建了我自己的IPrincipal和IIdentity实现,如下所示：

[ComVisible(true)]
[Serializable]
public sealed class CustomIdentity : IIdentity {

    private readonly string _name;
    private readonly string _email;
    // and other stuffs

    public CustomIdentity(string name) {
        _name = name.Trim();
        if(string.IsNullOrWhiteSpace(name))
            return;
        _email = (connect to database and read email and other stuffs);
    }

    public string Name {
        get { return _name; }
    }

    public string Email {
        get { return _email; }
    }

    public string AuthenticationType {
        get { return "CustomIdentity"; }
    }

    public bool IsAuthenticated {
        get { return !string.IsNullOrWhiteSpace(_name); }
    }

}


[ComVisible(true)]
[Serializable]
public sealed class CustomPrincipal : IPrincipal {

    private readonly CustomIdentity _identity;

    public CustomPrincipal(CustomIdentity identity) {
        _identity = identity;
    }

    public bool IsInRole(string role) {
        return _identity != null && 
               _identity.IsAuthenticated &&
               !string.IsNullOrWhiteSpace(role) &&
               Roles.IsUserInRole(_identity.Name,role);
    }

    IIdentity IPrincipal.Identity {
        get { return _identity; }
    }

    public CustomIdentity Identity {
        get { return _identity; }
    }

}

另外,我创建一个HttpModule并在其AuthenticateRequest事件中,我这样做：

public void Init(HttpApplication context) {
        _application = context;
        _application.AuthenticateRequest += ApplicationAuthenticateRequest;
    }

    private void ApplicationAuthenticateRequest(object sender,EventArgs e) {
        var formsCookie = _application.Request.Cookies[FormsAuthentication.FormsCookieName];
        var identity = formsCookie != null
             ? new CustomIdentity(FormsAuthentication.Decrypt(formsCookie.Value).Name)
             : new CustomIdentity(string.Empty);
        var principal = new CustomPrincipal(identity);
        _application.Context.User = Thread.CurrentPrincipal = principal;
    }

另外,我创建了我自己的Controller和WebViewPage,如下所示：

public abstract class CustomController : Controller {
    public new CustomPrincipal User {
        get {
            var user = System.Web.HttpContext.Current.User as CustomPrincipal;
            return user;
        }
    }
}


public abstract class CustomWebViewPage<TModel> : WebViewPage<TModel> {
    public new CustomPrincipal User {
        get {
            // (Place number 1) here is the error I'm speaking about!!!
            var user = HttpContext.Current.User as CustomPrincipal;
            return user;
        }
    }
}

如上面的代码所示,似乎一切正确;但是如你所见,在第1号地方我无法访问CustomPrincipal！在这个地方,我有一个RolePrincipal,而不是一个CustomPrincipal.例如HttpContext.Current.User是一个RolePrincipal,而不是CustomPrincipal.但是RolePrincipal.Identity属性是CustomIdentity！

解决方法

你的错误在这里：

_application.AuthenticateRequest += ApplicationAuthenticateRequest;

有一个名为RoleManagerModule的HttpModule调用HttpApplication.PostAuthenticateRequest中的一个方法,并将HttpContext.Current.User设置为RolePrincipal.所以,您正在将AuthenticateRequest中的用户设置,并且RoleManagerModule将其设置为PostAuthenticateRequest,这意味着在您设置之后,因此覆盖您的设置.更改你的Module.Init：

public void Init(HttpApplication context) {
    _application = context;
    // change just this line:
    _application.PostAuthenticateRequest += ApplicationAuthenticateRequest;
}

重要更新：

请参阅this question再次启动,取决于当前的问题 – 第二个解决方案,如果这一个不起作用.

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!