I need to authorize the user against the resouces in my MVC 3 project. Is practice?
Interface IResource {string Id {get; Set; } Authorize Bool (user user); } Class user {// some logic for user} class resource A: IResource {public string id {get; Set; } Public resource (string id) {id = id; } Authorize Bool (user user) {// query shows that the user is allowed to resource or not, if the user is otherwise wrong)} Class TestController: Controller {// Get the details of the resource Get a public action Get results (user user, string resource ED) {IRS resource resources = new resource A (resource ID); If (resource. Authorized (user)) {// goods}} other {HTTPPACEction (403, "no permission"); }}} In the above implementation:
All the resources of the website are forced to apply IRSSOs interface.
All requests that need to be applied to the authorization code for the resource.
Any help would be greatly appreciated.
The solution looks good if you have a specific administrator and resource related work, then you use the ActionFilter You can also make custom logic and check and redirect when verification and failure are done. Properties are also a way of central logic system. The solution depends on how your user is communicating with the resources.
No comments:
Post a Comment