C# 授权 Asp.net web.config
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/642515/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Authorization Asp.net web.config
提问by user29964
I have an application that has a backoffice. This backoffice was isolated with the use of roles like this:
我有一个有后台的应用程序。这个后台是通过使用这样的角色来隔离的:
<location path="backoffice">
<system.web>
<authorization>
<allow roles="admin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
But now we have another type of role that needs access. The companyadmin role.
但是现在我们有另一种类型的角色需要访问。公司管理员角色。
Can I just say?:
我可以说吗?:
<location path="backoffice">
<system.web>
<authorization>
<allow roles="admin,companyadmin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
采纳答案by AviD
Yes, exactly so (assuming you properly authenticated your users, and set their roles accordingly). Check the MSDN article: http://msdn.microsoft.com/en-us/library/8d82143t(VS.71).aspx
是的,确实如此(假设您正确地对用户进行了身份验证,并相应地设置了他们的角色)。检查 MSDN 文章:http: //msdn.microsoft.com/en-us/library/8d82143t(VS.71).aspx
回答by eglasius
yes, you can add n roles like that.
是的,您可以添加 n 个这样的角色。
If you prefer, you can also:
如果您愿意,您还可以:
<allow roles="admin"/>
<allow roles="admin1"/>
<deny users="*"/>
