ENTERPRISE LIBRARY 2.0 - Security Application Block

xiaoxiao2021-04-04  280

Today, I will introduce the Security Application Block in Enterprise Library 2.0, which helps programs developers implement most of the functions related to authorization in the application, not only that, but also supports the authorization of users in our system and authorization data. It mainly includes several components:

1. Reduce the quantity of code;

2. Keep the consistency of security management in the application;

3. Provide a method of implementation of many security issues in applications;

4, scalable, support custom provider.

...

Regarding the introduction to the Security Application Block, I don't say more, I can refer to the help documentation. Let's take a look at how to configure Security Application Block, first open the configuration tool, create a new security application block, as follows: and then create an Authorization Rule Provider under the Authorization node, name RuleProvider, as follows: Now you can create it under the RuleProvider node, create A series of rules (Rule). As shown below: New rules, we also need to define an expression for this rule, used to determine whether to meet this rule in the program, as shown below: As shown, we define the identity of the user who can pass the rule must be User or admin. We can define a variety of rules according to our actual needs. Finally, we can allocate a default Authorization instance for our Structure Application Block, as shown in Figure: At this point, there are more details in our configuration file:

<

section

Name

= "SecurityConfiguration"

Type

= "Microsoft.Practices.Enterpriselibrary.security.configuration.securitySettings, Microsoft.Practices.EnterpriseLibrary.security, Version = 2.0.0.0, Culture = neutral, publickeyToken = NULL"

/>

<

SecurityConfiguration

DefaultAuthorizationInstance

= "RuleProvider"

DefaultSecurityCacheInstance

= ""

>

<

AuthorizationProviders

>

<

Add

Type

= "Microsoft.Practices.Enterpriselibrary.Security.AuthorizationRuleProvider, Microsoft.Practices.EnterpriseLibrary.Security, Version = 2.0.0.0, Culture = NEUTRAL, PUBLICKEYTOKEN = NULL"

Name

= "RuleProvider"

>

<

Rules

>

<

Add

EXPRESSION

= "R: User or r: admin"

Name

= "Rule"

/>

Rules

>

Add

>

AuthorizationProviders

>

SecurityConfiguration>

It is said that the configuration of the Security Application Block is here.

Let's take a look at the difference between Enterprise Library 2.0's Security Application Block and version 1.0, because the new features of roles and members' management are provided in ASP.NET 2.0, so there is a certain difference in some aspects and 1.0 versions: Because ASP.NET 2.0 provides two classes of MemberShip, Roles, which contains authentication users, role management, and settings and read features for Profile information, so Security Application Block 2.0 removes these features. Therefore, the main difference from version 1.0 is the following three aspects: first importing the following two namespaces: use system.web.profile; using system.web.security; 1. Verifying the user's method is as follows:

/ ** /

///

/// Verify user /// http://pw.cnblogs.com /// /// Username /// Password ///

public

Bool

CHECKUSER

String

Username,

String

PASSWORD)

{Return Membership.validateUser (username, password);

2, read or set the profile information

/ ** /

///

/// Use profile /// http://pw.cnblogs.com ///

[TestMethod]

public

Void

Useprofile ()

{IIdentity identity; identity = new GenericIdentity ( "SHY520", Membership.Provider.Name); // Set Profile ProfileBase setuserProfile = ProfileBase.Create (identity.Name); setuserProfile [ "Name"] = "SHY520"; setuserProfile [ " Address "] =" Wuhu China "; // save Profile information setuserProfile.Save (); // read Profile information ProfileBase readuserProfile = ProfileBase.Create (identity.Name); string Name = readuserProfile [" Name "] ToString (. ); String address = readuserprofile ["address"]. ToString (); assert.Arequal (name, "shy520"); assert.Areequal (address, "wuhu china);} 3, get a list of roles belonging to a user

/ ** /

///

/// get a list of roles belonging to a user /// http://pw.cnblogs.com /// /// Role list

public

String

GetUserRoles ()

{IIDENTITY IDENTIN = New GenericIdentity ("Shy520", Member); Return Roles.Getrolesforuser (Identity.Name);}

The difference from the previous version is basically the above, let's take a look at the basic method of use of Security Application Block 2.0:

1. Assign an authorized user: Security Application Block places the authorized user's identity information into the cache, and returns a token, so we need to configure a security cache before using this party. Not much to say, you can refer to the official tutorial, follow the code in the configured app.config:

<

SecurityCacheProviders

>

<

Add

CachemanagerinstanceName

= "Cache Manager"

DefaultlidingSessionExpirationinminutes

= "10"

DefaultAbsolutionsSessionExpirationinminutes

= "60"

Type

= "Microsoft.Practices.EnterpriseLibrary.Security.Cache.CachingStore.CachingStoreProvider, Microsoft.Practices.EnterpriseLibrary.Security.Cache.CachingStore, Version = 2.0.0.0, Culture = neutral, PublicKeyToken = null" name

= "CACHING Store Provider"

/>

SecurityCacheProviders

>

This code is in the SecurityConfiguration section, where cacheManagerInstanceName is an instance we configured in the Caching Application Block.

/ ** /

///

/// Use the SaveIdentity method to save the user's identity, and return a token /// http://pw.cnblogs.com /// ///

public

IToken SaveUserInfo ()

{ISecurityCacheProvider sc = securitycachefactory.getSecurityCacheProvider ("cache manager"); // put the user identity into the cache and return a ITOKEN type of marker returnis sc.SaveIdentity (New GenericIdentity);}

2, use token to verify that the user has been authorized

/ ** /

///

/// According to token, it is determined whether the user has been authorized // http://pw.cnblogs.com /// /// ///

public

Bool

CheckUserbyToken (Itoken Token)

{ISecurityCacheProvider sc = SecurityCacheFactory.GetSecurityCacheProvider ( "Cache Manager"); // get the corresponding identity Token IIdentity IIdentity savedIdentity = sc.GetIdentity (token); // Returns whether the identification has been authorized savedIdentity.IsAuthenticated return;}

3, end User Session (even if Tokeen expires)

/ ** /

///

/// User token expire /// http://pw.cnblogs.com ///

public

Void

CloseUsession ()

{ISecurityCacheProvider sc = SecurityCacheFactory.GetSecurityCacheProvider ( "Cache Manager"); // save the identity IToken token = sc.SaveIdentity (new GenericIdentity ( "SHY520")); // make the identity expired sc.ExpireIdentity (token);} 4, is determined Whether the user meets certain rules First, you need to import the following namespace: use system.security.principal; using microsoft.practices.EnterpriseLibrary.security;

/ ** /

///

/// Determines if the user satisfies a certain rule /// http://pw.cnblogs.com /// /// User name /// Role name /// rule name ///

public

Bool

CheckUserRolebyRule

String

Username,

String

Role,

String

Rule)

{IPrincipal principal = new GenericPrincipal (new GenericIdentity (username), new string [] {role}); // create a default instance Authorization IAuthorizationProvider autoprovider = AuthorizationFactory.GetAuthorizationProvider (); // Returns verify by return autoprovider.Authorize ( Principal, rule);

Through the above method, you can simply implement the identification of user rights. For the simple application of Security Application Block, you will talk about how to realize custom Authorization Provider. 1, first we build your own Provider class, which requires AuthorizationProvider; 2, and adds the attribute; 3, add constructor, parameter to the NameValueCollection type; 4, overlay base class The authorize method in which you have added your own verification, you have completed a custom authorization provider. The complete class is as follows:

Using

System;

Using

System.collections.Generic;

Using

System.Text;

Using

Microsoft.Practices.EnterpriseLibrary.security; using

System.collections.Specialized;

Using

System.security.principal;

Using

Microsoft.practices.EnterpriseLibrary.Common.configuration;

Using

Microsoft.Practices.EnterpriseLibrary.security.configuration;

Namespace

Enterprise_library_2

{[ConfigurationElementType (typeof (CustomAuthorizationProviderData))] public class CustomProvider: AuthorizationProvider {public CustomProvider (NameValueCollection configurationItems) {} public override bool Authorize (IPrincipal principal, string context) {// TODO: need to add authentication authorization herein Logic can be return true;}}}

Regarding the introduction of Security Application Block, I said that there is a negligent place, please refer to it, I hope to help beginners!

转载请注明原文地址:https://www.9cbs.com/read-131785.html

New Post(0)