这可能是一个非常愚蠢的问题但是想知道在会话中存储用户窗口角色是否有任何好处。基本上在我们渲染视图之前的mvc项目中,我们检查用户是否有权根据用户角色查看视图。我正在考虑将它们存储在会话与性能
中的安全性观点 public class WindowsRoleProvider : IRoleProvider
{
public List<string> GetWindowsRolesForUser(string userName)
{
var windowsProvider = new WindowsTokenRoleProvider();
var adsRoles = windowsProvider.GetRolesForUser(userName);
return new List<string>(adsRoles);
}
}
public List<string> GetUserRoles(string userName)
{
var userRoles = new List<string>();
try
{
var windowsRoles = _roleProvider.GetWindowsRolesForUser(userName);
adsRoles = windowsRoles.ConvertAll(d => d.ToLowerInvariant());
var catAuthorizationRoles = _configurationManager.GetSection("catroles");
if (catAuthorizationRoles != null)
{
for (var role = 0; role < catAuthorizationRoles.Count; role++)
{
if (windowsRoles.Any(item =>catAuthorizationRoles[role].ToLower().ToLower().Split(';').Any(s => item.Trim().Equals(s.Trim()))))
{
userRoles.Add(catAuthorizationRoles.GetKey(role));
}
}
}
userRoles = userRoles.ConvertAll(d => d.ToLower());
}
catch (Exception ex)
{
Logger.Error("Exception:" + ex.Message + "\r\nInner Exception:" +
(ex.InnerException != null ? ex.InnerException.Message : string.Empty) + "\r\n" +
ex.StackTrace);
}
return userRoles;
}