Security » Authorization » 介绍
Introduction¶ 介绍
Authorization refers to the process that determines what a user is able to do. For example user Adam may be able to create a document library, add documents, edit documents and delete them. User Bob may only be authorized to read documents in a single library.
授权指的是确定一个用户可以做什么的过程。例如用户Adam可以新建文档库、添加文档、编辑文档以及删除。用户Bob只能被授权在某一个库中阅读文档。
Authorization is orthogonal and independent from authentication, which is the process of ascertaining who a user is. Authentication may create one or more identities for the current user.
授权是与身份验证正交并且独立的。身份验证是确认一个用户是谁的过程。身份验证可以为当前用户创建一个或多个身份。
Authorization Types¶ 授权类型
In ASP.NET Core authorization now provides simple declarative role and a richer policy based model where authorization is expressed in requirements and handlers evaluate a users claims against requirements. Imperative checks can be based on simple policies or polices which evaluate both the user identity and properties of the resource that the user is attempting to access.
在ASP.NET Core中,授权提供了基于简单声明角色和基于复杂策略的模型,在该模型中,授权表示按用户声明和请求来评估用户。必要的检查可基于简单的策略,或者同时检查试图连接资源所需的用户身份和属性。
Namespaces¶ 命名空间
Authorization components, including the AuthorizeAttribute and AllowAnonymousAttribute attributes are found in the Microsoft.AspNetCore.Authorization namespace.
授权包括AuthorizeAttribute和AllowAnonymousAttribute属性,可在Microsoft.AspNetCore.Authorization命名空间中找到。
Security » Authorization » 介绍的更多相关文章
- Security » Authorization » 通过映射限制身份
Limiting identity by scheme¶ 通过映射限制身份(这部分有好几个概念还不清楚,翻译的有问题) 36 of 39 people found this helpful In so ...
- Security » Authorization » 基于声明的授权
Claims-Based Authorization¶ 基于声明的授权 142 of 162 people found this helpful When an identity is created ...
- Security » Authorization » 基于视图的授权
View Based Authorization¶ 基于视图的授权 44 of 46 people found this helpful Often a developer will want to ...
- Security » Authorization » 基于资源的授权
Resource Based Authorization¶ 基于资源的授权 68 of 73 people found this helpful Often authorization depends ...
- Security » Authorization » 要求处理器中的依赖注入
Dependency Injection in requirement handlers¶ 30 of 32 people found this helpful Authorization handl ...
- Security » Authorization » 基于自定义策略的授权
Custom Policy-Based Authorization¶ 基于自定义策略的授权 98 of 108 people found this helpful Underneath the cov ...
- Security » Authorization » 基于角色的授权
Role based Authorization¶ 基于角色的授权 133 of 153 people found this helpful When an identity is created i ...
- Security » Authorization » 简单授权
Simple Authorization¶ 简单授权 82 of 86 people found this helpful Authorization in MVC is controlled thr ...
- Content Security Policy介绍
Content Security Policy https://content-security-policy.com/ The new Content-Security-Policy HTTP re ...
随机推荐
- 学习quartz定时
学习资料: http://www.cnblogs.com/Rozdy/p/4274356.html http://www.cnblogs.com/Rozdy/p/4284339.html https: ...
- 白话学习MVC(八)Action的执行二
一.概述 上篇博文<白话学习MVC(七)Action的执行一>介绍了ASP.NET MVC中Action的执行的简要流程,并且对TempData的运行机制进行了详细的分析,本篇来分析上一篇 ...
- 事务复制-大批量DEL操作
同事讨论删除发布表历史记录,导致订阅端数据滞后N小时.后来询问得知,发布表T只保留最近31天的数据,每天由Job删除31天前的数据,每天的删除量约400-500万条.默认情况下,在发布端删除400万条 ...
- Oracle在dos命令下导出导入
DOS下运行的命令,也可以加参数在SQL/PLUS环境下运行简单例子实现 单表备份(前提库的结构是一样的)导出:开始钮->运行->输入CMD->进入DOS界面EXP 用户名/密码@连 ...
- java学习规划
今天在网上看到一位大学生的java学习线路规划,觉得蛮适合我,就详细阅读了一下,规划路线应该适用于大部分学习java语言的人,贴出来与大家共勉. 在学习的过程中,不能急于去学习更多的知识,因为知识是无 ...
- c/c++ 数据结构 链表插入数据代码(二)
如果参数传递不使用使用指针的指针,也不使用引用. #include <stdio.h> #include <stdlib.h> typedef struct LNode{ in ...
- AJAX-----14HTML5中新增的API---files
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8&quo ...
- apache+php+mysql的配置(转载)
windows: 按http://jingyan.baidu.com/article/fcb5aff797ec41edaa4a71c4.html的安装 按http://www.jb51.net/art ...
- 为您详细比较三个 CSS 预处理器(框架):Sass、LESS 和 Stylus
CSS 预处理器技术已经非常的成熟,而且也涌现出了越来越多的 CSS 的预处理器框架.本文向你介绍使用最为普遍的三款 CSS 预处理器框架,分别是 Sass.Less CSS.Stylus. 首先我们 ...
- POJ 3436:ACM Computer Factory(最大流记录路径)
http://poj.org/problem?id=3436 题意:题意很难懂.给出P N.接下来N行代表N个机器,每一行有2*P+1个数字 第一个数代表容量,第2~P+1个数代表输入,第P+2到2* ...