Yanor.net/
Wiki
Blog
GitHub
Sandbox
開始行:
* フォーム認証によるロールベースのアクセス制御 [#od342879]
** アクセス制御の仕方 [#afd0ea96]
- アクションクラスまたはアクションメソッドにアノテーショ...
public class HomeController : Controller
{
[Authorize(Roles="Administrations")]
public ActionResult Index() {}
}
** 認証を行うクラス [#sa0dda5b]
- MembershipProviderを継承したカスタムクラスでユーザ認証...
- RoleProviderを継承したカスタムクラスでロールの管理を行う
** 認証ユーザの参照 [#wbd947ea]
public ActionResult Index() {
var user = HttpContext.User;
}
** 実装例 [#j39d8a88]
*** MembershipProvider [#k24c73b7]
public class MyCustomMembershipProvider : MembershipProv...
{
public override bool ValidateUser(string username, s...
{
if (username == "admin" && password == "123456") {
return true;
}
if (username == "user" && password == "123456") {
return true;
}
return false;
}
これ以外のMembershipProviderの抽象メソッドは取り敢えず未...
*** RoleProvider [#xabcc019]
public class MyCustomRoleProvider : RoleProvider
{
public override bool IsUserInRole(string username, s...
{
if (username == "admin" && roleName == "Administ...
return true;
}
else if (username != "admin" && roleName == "Use...
return true;
}
return false;
}
public override string[] GetRolesForUser(string user...
{
if (username == "admin") {
return new string[] { "Administrators" };
}
else {
return new string[] { "Users" };
}
}
これ以外のRoleProviderの抽象メソッドは取り敢えず未実装で...
*** web.config [#hb11f8c8]
<system.web>
<authentication mode="Forms" >
<forms loginUrl="~/Login/Index"></forms>
</authentication>
<membership defaultProvider="myCustomMembershipProvide...
<providers>
<clear />
<add name="myCustomMembershipProvider" type="WebAp...
</providers>
</membership>
<roleManager enabled="true" defaultProvider="myCustomR...
<providers>
<clear/>
<add name="myCustomRoleProvider" type="WebApplicat...
</providers>
</roleManager>
*** Loginコントローラ [#xd83dd6d]
public class LoginController : Controller
{
readonly MyCustomMembershipProvider _membershipProvi...
public ActionResult Index()
{
FormsAuthentication.SignOut();
return View();
}
[HttpPost]
public ActionResult Index(UserEntity user)
{
if (_membershipProvider.ValidateUser(user.Userna...
FormsAuthentication.SetAuthCookie(user.Usern...
return RedirectToAction("Index", "Home");
}
ViewBag.Message = "Username or Password is incor...
return View(user);
}
}
以上でMembershipProviderを使ってユーザ認証を行う。
*** Loginビュー [#la24a9d5]
@model WebApplication1.UserEntity
@{
ViewBag.Title = "Index";
}
<h2>Index</h2>
<div>@ViewBag.Message</div>
@using (Html.BeginForm()) {
@Html.EditorFor(m => m)
<input type="submit" value="LOGIN" />
}
*** Loginビューモデル [#c24b5af3]
public class UserEntity
{
public string Username { get; set; }
public string Password { get; set; }
}
*** アクセス制御をするアクションクラス・メソッド [#pb42e5...
public class HomeController : Controller
{
[Authorize]
public ActionResult Index()
{
return View();
}
[Authorize(Roles="Administrators")]
public ActionResult Index2()
{
return View();
}
}
** 参考 [#wd759be3]
- http://keibalight.wordpress.com/2012/03/04/%e3%80%90f-a...
- http://d.hatena.ne.jp/yezweb/20091013/1255413234
- http://www.dotnet-tricks.com/Tutorial/mvc/G54G220114-Cu...
- http://typecastexception.com/post/2013/11/11/Extending-...
*** 外部認証 app_start\startup.auth.cs [#m89339f7]
http://weblogs.asp.net/imranbaloch/archive/2013/07/18/con...
終了行:
* フォーム認証によるロールベースのアクセス制御 [#od342879]
** アクセス制御の仕方 [#afd0ea96]
- アクションクラスまたはアクションメソッドにアノテーショ...
public class HomeController : Controller
{
[Authorize(Roles="Administrations")]
public ActionResult Index() {}
}
** 認証を行うクラス [#sa0dda5b]
- MembershipProviderを継承したカスタムクラスでユーザ認証...
- RoleProviderを継承したカスタムクラスでロールの管理を行う
** 認証ユーザの参照 [#wbd947ea]
public ActionResult Index() {
var user = HttpContext.User;
}
** 実装例 [#j39d8a88]
*** MembershipProvider [#k24c73b7]
public class MyCustomMembershipProvider : MembershipProv...
{
public override bool ValidateUser(string username, s...
{
if (username == "admin" && password == "123456") {
return true;
}
if (username == "user" && password == "123456") {
return true;
}
return false;
}
これ以外のMembershipProviderの抽象メソッドは取り敢えず未...
*** RoleProvider [#xabcc019]
public class MyCustomRoleProvider : RoleProvider
{
public override bool IsUserInRole(string username, s...
{
if (username == "admin" && roleName == "Administ...
return true;
}
else if (username != "admin" && roleName == "Use...
return true;
}
return false;
}
public override string[] GetRolesForUser(string user...
{
if (username == "admin") {
return new string[] { "Administrators" };
}
else {
return new string[] { "Users" };
}
}
これ以外のRoleProviderの抽象メソッドは取り敢えず未実装で...
*** web.config [#hb11f8c8]
<system.web>
<authentication mode="Forms" >
<forms loginUrl="~/Login/Index"></forms>
</authentication>
<membership defaultProvider="myCustomMembershipProvide...
<providers>
<clear />
<add name="myCustomMembershipProvider" type="WebAp...
</providers>
</membership>
<roleManager enabled="true" defaultProvider="myCustomR...
<providers>
<clear/>
<add name="myCustomRoleProvider" type="WebApplicat...
</providers>
</roleManager>
*** Loginコントローラ [#xd83dd6d]
public class LoginController : Controller
{
readonly MyCustomMembershipProvider _membershipProvi...
public ActionResult Index()
{
FormsAuthentication.SignOut();
return View();
}
[HttpPost]
public ActionResult Index(UserEntity user)
{
if (_membershipProvider.ValidateUser(user.Userna...
FormsAuthentication.SetAuthCookie(user.Usern...
return RedirectToAction("Index", "Home");
}
ViewBag.Message = "Username or Password is incor...
return View(user);
}
}
以上でMembershipProviderを使ってユーザ認証を行う。
*** Loginビュー [#la24a9d5]
@model WebApplication1.UserEntity
@{
ViewBag.Title = "Index";
}
<h2>Index</h2>
<div>@ViewBag.Message</div>
@using (Html.BeginForm()) {
@Html.EditorFor(m => m)
<input type="submit" value="LOGIN" />
}
*** Loginビューモデル [#c24b5af3]
public class UserEntity
{
public string Username { get; set; }
public string Password { get; set; }
}
*** アクセス制御をするアクションクラス・メソッド [#pb42e5...
public class HomeController : Controller
{
[Authorize]
public ActionResult Index()
{
return View();
}
[Authorize(Roles="Administrators")]
public ActionResult Index2()
{
return View();
}
}
** 参考 [#wd759be3]
- http://keibalight.wordpress.com/2012/03/04/%e3%80%90f-a...
- http://d.hatena.ne.jp/yezweb/20091013/1255413234
- http://www.dotnet-tricks.com/Tutorial/mvc/G54G220114-Cu...
- http://typecastexception.com/post/2013/11/11/Extending-...
*** 外部認証 app_start\startup.auth.cs [#m89339f7]
http://weblogs.asp.net/imranbaloch/archive/2013/07/18/con...
ページ名: