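asp.net-mvc – Extending ClaimsIdentity in MVC3
I have set up my claims with MVC3 using Azure, and everything is working well.
What I need to do now is extend the claims identity in the current thread / HTTP context and add my own information (DOB, address... that sort of thing).

So my question is: where is the best place to do this? Any examples would be great.

I assume that when the user is authenticated, I have to go to the database and pull the relevant record for the user, then add it to a custom "claims identity" object?

Solution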
Typically you will have an HttpModule that inspects the cookies, and once the FedAuth token is found, you can build your own claims principal and identity.
You generally don't need to store the user's entire profile, just the useful things that don't usually change. I do this in an action filter.

Here is all of this code that I found:
https://github.com/wcpro/ScaffR/tree/master/src/ScaffR.Security/content/CodeTemplates/Scaffolders/ScaffR.Security

You may have to do a bit of digging, but it's there.

Here is the code for the HTTP module:

```csharp
using System;
using System.IdentityModel.Services;
using System.Security.Claims;
using System.Threading;
using System.Web;

public class ClaimsTransformationHttpModule : IHttpModule
{
    public void Init(HttpApplication context)
    {
        context.PostAuthenticateRequest += context_PostAuthenticateRequest;
    }

    void context_PostAuthenticateRequest(object sender, EventArgs e)
    {
        var context = ((HttpApplication) sender).Context;

        // A session token cookie means the principal was already transformed
        // on an earlier request, so there is nothing to do.
        if (FederatedAuthentication.SessionAuthenticationModule != null &&
            FederatedAuthentication.SessionAuthenticationModule.ContainsSessionTokenCookie(context.Request.Cookies))
        {
            return;
        }

        var transformer = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager;
        if (transformer != null)
        {
            var transformedPrincipal = transformer.Authenticate(context.Request.RawUrl, context.User as ClaimsPrincipal);
            context.User = transformedPrincipal;
            Thread.CurrentPrincipal = transformedPrincipal;
        }
    }

    public void Dispose() { }
}
```

Here is the claims transformer:

```csharp
using System.IdentityModel.Services;
using System.IdentityModel.Tokens;
using System.Linq;
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;

public partial class ClaimsTransformer : ClaimsAuthenticationManager
{
    partial void SetCustomPrincipalClaims(IUserService userService, ref ClaimsPrincipal principal);

    public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal)
    {
        // The module passes "context.User as ClaimsPrincipal", which can be null.
        if (incomingPrincipal == null || !incomingPrincipal.Identity.IsAuthenticated)
        {
            return incomingPrincipal;
        }

        var newPrincipal = Transform(incomingPrincipal);
        EstablishSession(newPrincipal);
        return newPrincipal;
    }

    ClaimsPrincipal Transform(ClaimsPrincipal incomingPrincipal)
    {
        // Look the user up by the name claim issued by the identity provider.
        var nameClaim = incomingPrincipal.Identities.First().FindFirst(ClaimTypes.Name);
        var userService = DependencyResolver.Current.GetService<IUserService>();
        var user = userService.GetByUsername(nameClaim.Value);

        var id = new ApplicationIdentity(user);
        var principal = new ClaimsPrincipal(id);
        SetCustomPrincipalClaims(userService, ref principal);
        return principal;
    }

    private void EstablishSession(ClaimsPrincipal principal)
    {
        if (HttpContext.Current != null)
        {
            // Persist the transformed principal in the session cookie.
            var sessionToken = new SessionSecurityToken(principal);
            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);
        }
    }
}
```

Then the configuration:

```xml
<?xml version="1.0" encoding="utf-8"?>
<system.identityModel>
  <identityConfiguration>
    <claimsAuthenticationManager type="Barbarella.Core.Common.Security.ClaimsTransformer, Barbarella.Core" />
  </identityConfiguration>
</system.identityModel>
```

And this…

```xml
<system.identityModel.services>
  <federationConfiguration>
    <!-- requireSsl="false" lets the session cookie travel over plain HTTP;
         set it to "true" when the site is served over HTTPS. -->
    <cookieHandler mode="Default" requireSsl="false" />
  </federationConfiguration>
</system.identityModel.services>
```

And this…

```xml
<system.webServer>
  <validation validateIntegratedModeConfiguration="false" />
  <modules runAllManagedModulesForAllRequests="true">
    <add name="ClaimsTransformationModule" type="Barbarella.Core.Common.Security.ClaimsTransformationHttpModule, Barbarella.Core" />
    <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
  </modules>
</system.webServer>
```

Don't forget to add the config sections:

```xml
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
```

Here is my ApplicationIdentity code (it overrides ClaimsIdentity)… this is the code that really answers your question…

```csharp
using System;
using System.Globalization;
using System.Security.Claims;

public sealed partial class ApplicationIdentity : ClaimsIdentity
{
    partial void SetCustomIdentityClaims(User user);

    private readonly User _user;

    public ApplicationIdentity(User user) : base("Application")
    {
        _user = user;
        AddClaim(new Claim(ClaimTypes.Name, user.Username));
        AddClaim(new Claim(ApplicationClaimTypes.UserId, user.Id.ToString(CultureInfo.InvariantCulture)));
        AddClaim(new Claim(ApplicationClaimTypes.FirstName, user.FirstName));
        AddClaim(new Claim(ApplicationClaimTypes.LastName, user.LastName));
        AddClaim(new Claim("Time", DateTime.Now.ToString()));
        // Extension point: implement this partial method to add further claims.
        SetCustomIdentityClaims(_user);
    }

    public User User
    {
        get { return _user; }
    }

    public int UserId
    {
        get { return int.Parse(FindFirst(ApplicationClaimTypes.UserId).Value); }
    }

    public string Username
    {
        get { return FindFirst(ClaimTypes.Name).Value; }
    }
}
```
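An added example, not part of the original answer or the ScaffR project: a self-contained identity class carrying the date of birth and address the question asks about, which skips empty profile fields when building claims and returns null when reading back a claim that is absent. `UserProfile`, `ProfileIdentity` and the sample records are assumptions made for illustration; in the answer's pipeline such an identity would be constructed inside `ClaimsTransformer.Transform`.

```csharp
using System;
using System.Globalization;
using System.Security.Claims;

// Hypothetical stand-in for the answer's User entity, reduced to the fields used here.
public sealed class UserProfile
{
    public string Username { get; set; }
    public DateTime? DateOfBirth { get; set; }
    public string StreetAddress { get; set; }
}
public sealed class ProfileIdentity : ClaimsIdentity
{
    private const string DateFormat = "yyyy-MM-dd";
    public ProfileIdentity(UserProfile user) : base("Application")
    {
        if (user == null) throw new ArgumentNullException("user");
        AddClaim(new Claim(ClaimTypes.Name, user.Username));
        // new Claim(type, null) throws ArgumentNullException, so optional
        // profile columns become claims only when they hold a value.
        if (user.DateOfBirth.HasValue)
            AddClaim(new Claim(ClaimTypes.DateOfBirth, user.DateOfBirth.Value.ToString(
                DateFormat, CultureInfo.InvariantCulture), ClaimValueTypes.Date));
        if (!string.IsNullOrWhiteSpace(user.StreetAddress))
            AddClaim(new Claim(ClaimTypes.StreetAddress, user.StreetAddress));
    }
    // FindFirst returns null for an absent claim, so both accessors return null for it.
    public DateTime? DateOfBirth
    {
        get
        {
            DateTime dob;
            var claim = FindFirst(ClaimTypes.DateOfBirth);
            return claim != null && DateTime.TryParseExact(claim.Value, DateFormat,
                CultureInfo.InvariantCulture, DateTimeStyles.None, out dob) ? dob : (DateTime?)null;
        }
    }
    public string StreetAddress { get { var c = FindFirst(ClaimTypes.StreetAddress); return c == null ? null : c.Value; } }
}
public static class Demo
{
    public static void Main()
    {
        // Constructed sample records: one complete, one with no optional fields.
        var full = new ProfileIdentity(new UserProfile { Username = "alice", DateOfBirth = new DateTime(1990, 4, 2), StreetAddress = "1 Example Street" });
        var sparse = new ProfileIdentity(new UserProfile { Username = "bob" });
        Console.WriteLine("{0} {1:yyyy-MM-dd} {2}", full.Name, full.DateOfBirth, full.StreetAddress);
        Console.WriteLine("{0} has DOB claim: {1}", sparse.Name, sparse.DateOfBirth.HasValue);
    }
}
```

Every claim added this way is serialized into the session cookie written by `WriteSessionTokenToCookie`, so the set of profile fields turned into claims should stay small.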