基本方法是重寫AuthorizeAttribute類的AuthorizeCore方法
protected override bool AuthorizeCore(HttpContextBase httpContext)
MVC模式、{
string currentRole = GetRole(httpContext.User.Identity.Name);
if (Roles.Contains(currentRole))
mvc分別用什么實現,return true;
return base.AuthorizeCore(httpContext);
}
?
private string GetRole(string name)
{
Model1 db = new Model1();
student newstudent = db.Students.First(m => m.name == name);
return newstudent.name;
}
?
在登錄的時候需要寫入name信息
FormsAuthentication.SetAuthCookie(stu.name, false);
?
最后在需要控制的action前加上
[MyAuthAttribute2(Roles = "****")]