更新时间:2022-12-10 12:13:44
让这个工作的最简单的方法是使用ASP.NET在web.config中的< membership>
的标准机制。您只需让它使用默认构造函数,但您将覆盖Initialize()和拉取的依赖关系。使用此作为参考。
由于这样的事情,我更喜欢避免提供者模型,所以我使用类似于。 IMHO不那么blo肿,更灵活。最后,这只是关于设置 HttpContext.User 使用正确的 IPrincipal 实现AuthorizeAttribute使用什么。
我最近关于使用MembershipProviders做适当IoC的解决方案。
I have a custom membership/roles provider that I use in my MVC controllers that I also want to have accessible to ASP.NET MVC, so I can use AuthorizationFilters, etc. Since so many people have implemented custom providers I imagine many people have done this but I haven't figured it out or found postings that address this problem specifically. This post is sort of a flip side of my question. In my case I have my custom provider working well with my controllers, and I want MVC to use it too.
My provider is implemented with a IoC/dependency injection design. The provider exposes additional functionality beyond the baseline membership/roles API. In my controllers, I use Castle Windsor to create instances. The code looks similar to:
public class HomeController : Controller {
IMembershipService _membershipService;
public HomeController(IMembershipService membershipService) {
_membershipService= membershipService;
}
}
<castle>
<components>
<component id="MembershipService"
service="IMembershipService, MyApp"
type="MembershipService, MyApp" lifestyle="PerWebRequest">
<parameters>
<connectionString>#{defaultConnectionString}</connectionString>
</parameters>
</component>
</components>
</castle>
public class WindsorControllerFactory : DefaultControllerFactory {
private WindsorContainer _container;
public WindsorControllerFactory() {
_container = new WindsorContainer(new XmlInterpreter(new ConfigResource("castle")));
List<Type> controllerTypes = new List<Type>();
foreach (Type t in Assembly.GetExecutingAssembly().GetTypes()) {
if (typeof(IController).IsAssignableFrom(t))
controllerTypes.Add(t);
}
foreach (Type t in controllerTypes) {
// LifestyleType.Transient = new controller instance for each request
_container.AddComponentLifeStyle(t.FullName, t, LifestyleType.Transient);
}
}
protected override IController GetControllerInstance(Type controllerType) {
return (IController)_container.Resolve(controllerType);
}
This all works great in my C# code but I want to wire my provider into MVC to use [Authorize] filters with it:
[Authorize (Users="user1, user2", Roles="role8")]
public ViewResult MyResult(int x) {
// implement
}
I know that the usual way to tell ASP.NET about a custom membership or roles provider is in the web.config file as below but if I do this ASP.NET will just try to call the default constructor, which won't work. Any help appreciated.
<membership>
<providers>
<clear/>
<add name="MyMembershipProvider" type="MyMembershipProvider">
</providers>
</membership>
The simplest way to get this to work is to use ASP.NET's standard mechanism of <membership>
in web.config. You just let it use the default constructor but you override Initialize() and pull the dependencies there. Use this as reference.
Personally, due to things like this, I prefer to avoid the provider model altogether so I use an approach similar to the ones described in the MonoRail docs. IMHO it's less bloated and more flexible. In the end, it's just about setting HttpContext.User with a proper IPrincipal implementation which is what the AuthorizeAttribute uses.
I recently blogged about a solution to do proper IoC with MembershipProviders.