Security » Authorization » 介绍
Introduction¶ 介绍
Authorization refers to the process that determines what a user is able to do. For example user Adam may be able to create a document library, add documents, edit documents and delete them. User Bob may only be authorized to read documents in a single library.
授权指的是确定一个用户可以做什么的过程。例如用户Adam可以新建文档库、添加文档、编辑文档以及删除。用户Bob只能被授权在某一个库中阅读文档。
Authorization is orthogonal and independent from authentication, which is the process of ascertaining who a user is. Authentication may create one or more identities for the current user.
授权是与身份验证正交并且独立的。身份验证是确认一个用户是谁的过程。身份验证可以为当前用户创建一个或多个身份。
Authorization Types¶ 授权类型
In ASP.NET Core authorization now provides simple declarative role and a richer policy based model where authorization is expressed in requirements and handlers evaluate a users claims against requirements. Imperative checks can be based on simple policies or polices which evaluate both the user identity and properties of the resource that the user is attempting to access.
在ASP.NET Core中,授权提供了基于简单声明角色和基于复杂策略的模型,在该模型中,授权表示按用户声明和请求来评估用户。必要的检查可基于简单的策略,或者同时检查试图连接资源所需的用户身份和属性。
Namespaces¶ 命名空间
Authorization components, including the AuthorizeAttribute and AllowAnonymousAttribute attributes are found in the Microsoft.AspNetCore.Authorization namespace.
授权包括AuthorizeAttribute和AllowAnonymousAttribute属性,可在Microsoft.AspNetCore.Authorization命名空间中找到。
Security » Authorization » 介绍的更多相关文章
- Security » Authorization » 通过映射限制身份
Limiting identity by scheme¶ 通过映射限制身份(这部分有好几个概念还不清楚,翻译的有问题) 36 of 39 people found this helpful In so ...
- Security » Authorization » 基于声明的授权
Claims-Based Authorization¶ 基于声明的授权 142 of 162 people found this helpful When an identity is created ...
- Security » Authorization » 基于视图的授权
View Based Authorization¶ 基于视图的授权 44 of 46 people found this helpful Often a developer will want to ...
- Security » Authorization » 基于资源的授权
Resource Based Authorization¶ 基于资源的授权 68 of 73 people found this helpful Often authorization depends ...
- Security » Authorization » 要求处理器中的依赖注入
Dependency Injection in requirement handlers¶ 30 of 32 people found this helpful Authorization handl ...
- Security » Authorization » 基于自定义策略的授权
Custom Policy-Based Authorization¶ 基于自定义策略的授权 98 of 108 people found this helpful Underneath the cov ...
- Security » Authorization » 基于角色的授权
Role based Authorization¶ 基于角色的授权 133 of 153 people found this helpful When an identity is created i ...
- Security » Authorization » 简单授权
Simple Authorization¶ 简单授权 82 of 86 people found this helpful Authorization in MVC is controlled thr ...
- Content Security Policy介绍
Content Security Policy https://content-security-policy.com/ The new Content-Security-Policy HTTP re ...
随机推荐
- CentOS6修改主机名(hostname)及 修改/etc/hosts 文件,增加ip和hostname的映射关系(转)
CentOS修改主机名(hostname) 需要修改两处:一处是/etc/sysconfig/network,另一处是/etc/hosts,只修改任一处会导致系统启动异常.首先切换到root用户. ...
- php截取字符串
1.substr(源字符串,其实位置[,长度])-截取字符串返回部分字符串 <?php $str ="phpddt.com"; echo substr($str, 2); / ...
- dump redo日志文件的信息
通常会用到以下两个命令:1.'alter session'命令用来dump redo日志的文件头2.'alter system dump logfile'命令用来dump redo文件的内容 以上命令 ...
- js实现发送短信验证码后的倒计时功能(无视页面刷新)
[1].[代码] 这是页面上的发送验证码按钮 跳至 [1] [2] [3]<input id="second" type="button" value=& ...
- 谨慎使用多线程中的fork
// Upon successful completion, pthread_atfork() shall return a value of zero; otherwise, an error nu ...
- matlab中imresize
matlab中函数imresize简介: 函数功能:该函数用于对图像做缩放处理. 调用格式: B = imresize(A, m) 返回的图像B的长宽是图像A的长宽的m倍,即缩放图像. m大于1, 则 ...
- Java判断访问设备为手机、微信、PC工具类
package com.lwj.util; import javax.servlet.http.HttpServletRequest; /** * 判断访问设备为PC或者手机--工具类 * * @de ...
- SSH 无密码远程执行脚本
ssh无密码登录及远程执行脚本要使用公钥与私钥.linux下可以用用ssh-keygen生成公钥/私钥对,下面我以CentOS7为例. 测试环境:机器A(10.0.224.80):机器B(192.16 ...
- Lucene学习总结
在使用Lucene前,我们先大致熟悉下Lucene的几个核心类. 核心索引类: public class IndexWriter 索引过程的中心组件,把它想象成一个可以对索引进行写操作的对象. pub ...
- sudo service docker start
sudo service docker start sudo docker run -t -i ubuntu:14.04 /bin/bash docker ps -l CONTAINER ID IMA ...