.net 如何检索用户所属的所有角色(组)?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/762245/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I retrieve all the roles (groups) a user is a member of?
提问by muratgu
Is there a way to get a list of roles a Windows authenticated user is in, without explicitly checking by WindowsPrincipal.IsInRolemethod?
有没有办法在不通过WindowsPrincipal.IsInRole方法明确检查的情况下获取 Windows 身份验证用户所在的角色列表?
回答by joshperry
WindowsPrincipal.IsInRolejust checks if the user is a member of the group with that name; a Windows Group is aRole. You can get a list of the groups that a user is a member of from the WindowsIdentity.Groupsproperty.
WindowsPrincipal.IsInRole只检查用户是否是具有该名称的组的成员;Windows 组是一个角色。您可以从WindowsIdentity.Groups属性中获取用户所属组的列表。
You can get WindowsIdentityfrom your WindowsPrincipal:
你可以WindowsIdentity从你的WindowsPrincipal:
WindowsIdentity identity = WindowsPrincipal.Identity as WindowsIdentity;
or you can get it from a factory method on WindowsIdentity:
或者您可以从 WindowsIdentity 上的工厂方法中获取它:
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsIdenity.Groupsis a collection of IdentityReferencewhich just gives you the SID of the group. If you need the group names you will need to translate the IdentityReferenceinto an NTAccountand get the Value:
WindowsIdenity.Groups是一个集合IdentityReference,它只为您提供组的 SID。如果您需要组名,则需要将其转换IdentityReference为 anNTAccount并获取值:
var groupNames = from id in identity.Groups
select id.Translate(typeof(NTAccount)).Value;
回答by Steve Willcock
EDIT: Josh beat me to it! :)
编辑:乔希打败了我!:)
Try this
尝试这个
using System;
using System.Security.Principal;
namespace ConsoleApplication5
{
internal class Program
{
private static void Main(string[] args)
{
var identity = WindowsIdentity.GetCurrent();
foreach (var groupId in identity.Groups)
{
var group = groupId.Translate(typeof (NTAccount));
Console.WriteLine(group);
}
}
}
}
回答by philoroussel
If you are not connected to the domain server, the Translatefunction may throw the following exception The trust relationship between this workstation and the primary domain failed.
如果没有连接域服务器,该Translate函数可能会抛出以下异常The trust relationship between this workstation and the primary domain failed.
But for most of the groups, it will be OK, so I use:
但是对于大多数组来说,它会没问题,所以我使用:
foreach(var s in WindowsIdentity.GetCurrent().Groups) {
try {
IdentityReference grp = s.Translate(typeof (NTAccount));
groups.Add(grp.Value);
}
catch(Exception) { }
}
回答by DigitalDan
In an ASP.NET MVC site, you can do it like this:
在 ASP.NET MVC 站点中,您可以这样做:
Add this to your Web.config:
将此添加到您的 Web.config:
<system.web>
...
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" />
...
</system.web>
Then you can use Roles.GetRolesForUser()to get all the Windows groups that the user is a member of. Make sure you're using System.Web.Security.
然后您可以使用它Roles.GetRolesForUser()来获取用户所属的所有 Windows 组。确保你是using System.Web.Security。
