写在前面:按照本系列随笔的风格,还是立足于初学者,所以在入门篇里面介绍的比较简单,在进阶篇里面多介绍一些进一步的探索内容。避免给初学者一种觉得安全应用程序块很复杂的感觉。
![](http://terrylee.blog.51cto.com/attachment/200803/200803251206424999125.jpg?x-oss-process=image/resize,w_1400/format,webp)
( 8 )选择 File | Save All 保存全部。
![](http://terrylee.blog.51cto.com/attachment/200803/200803251206425025921.jpg?x-oss-process=image/resize,w_1400/format,webp)
( 12 )保存全部 File | Save All 。
一. 安全应用程序块概述:
安全应用程序块通过一个或多个安全机制,帮助开发人员在应用程序中实现通用的安全相关任务。
需要提高扩展性,以便在不改变应用程序代码的情况下更改认证或授权方式。
提供了以下几个方面的功能:
1
.认证
2
.授权
3
.角色管理
4
.
Profile
管理
二. 几个重要的概念:
1. Credential(令牌)
2. Identity(身份)
3. Principal(主体特征)
三. 使用三部曲:
在进行使用前请确保项目中有
App.config
或
Web.config
文件,并且需要数据库中有相关的表和存储过程,具体可参见数据库
EntLibQuickStarts
(
Enterprise Library
的示例库)。
1
.定义配置文件:
(
1
)运行
Enterprise Library Configuration
配置工具,打开项目中的配置文件;
(
2
)右击
Application
,选择
New | Security Application Block
,创建一个安全应用程序块;
(
3
)在
Security Application Block | Authentication
节点上右击,选择
New | Database Authentication Provider
,创建一个数据库认证
Provider
;
(
4
)根据在数据访问应用程序块中所讲的,设置数据库的连接字符串;
(
5
)右击
Cryptography Application Block | Hash Providers
,选择
New | Hash Algorithm Provider
,创建一个加密
Provider
,并设置
SaltEnabled
为
True
;
(
6
)选择
Security Application Block | Authentication | Database Provider
,
设置
Database
属性为
Database Instance, 并且设置 HashProvider 属性为SHA1Managed;
(
7
)选择
Security Application Block
,设置它的
DefaultAuthenticationInstance
为
Database Provider
;
![](http://terrylee.blog.51cto.com/attachment/200803/200803251206424999125.jpg?x-oss-process=image/resize,w_1400/format,webp)
( 8 )选择 File | Save All 保存全部。
至此,关于认证部分的配置已经做完。仅仅有这些还不够,我们还要进行设置角色。
(
9
)选择
Security Application Block
,右击
Roles
,选择
New | Role Database Provider
创建一个角色的数据库
Provider
;
(
10
)设置
Database
属性为
Database Instance
;
(
11
)选择
Security Application Block
节点,设置
DefaultRolesInstance
,为
RolesDatabase Provider
;
![](http://terrylee.blog.51cto.com/attachment/200803/200803251206425025921.jpg?x-oss-process=image/resize,w_1400/format,webp)
( 12 )保存全部 File | Save All 。
至此,所有的配置文件的工作已经做完。最后别忘了,做拷贝目录
1
copy "$(ProjectDir)\*.config" "$(TargetDir)"
![None.gif](http://www.cnblogs.com/Images/OutliningIndicators/None.gif?x-oss-process=image/resize,w_1400/format,webp)
2
.创建
Security Provider
实例:
1
IAuthenticationProvider authprovider;
2
authprovider
=
AuthenticationFactory.GetAuthenticationProvider();
![None.gif](http://www.cnblogs.com/Images/OutliningIndicators/None.gif?x-oss-process=image/resize,w_1400/format,webp)
2
![None.gif](http://www.cnblogs.com/Images/OutliningIndicators/None.gif?x-oss-process=image/resize,w_1400/format,webp)
3
.执行
Security Provider
命令:
1
public
static
bool
Authenticate(
string
username,
string
password)
2
{
3
bool authenticated = false;
4![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
5
6
NamePasswordCredential credentials;
7
credentials = new NamePasswordCredential(username, password);
8
9
IAuthenticationProvider authprovider;
10
authprovider = AuthenticationFactory.GetAuthenticationProvider();
11
12
IIdentity identity;
13
authenticated = authprovider.Authenticate(credentials, out identity);
14
15
if (!authenticated)
16
{
17
throw new SecurityException("Invalid username or password.");
18
}
19
20
21
22
IRolesProvider rolesprovider;
23
rolesprovider = RolesFactory.GetRolesProvider();
24
25
IPrincipal principal;
26
principal = rolesprovider.GetRoles(identity);
27
28
// Place user's principal on the thread
29
Thread.CurrentPrincipal = principal;
30
31
return authenticated;
32
}
![None.gif](http://www.cnblogs.com/Images/OutliningIndicators/None.gif?x-oss-process=image/resize,w_1400/format,webp)
2
![ExpandedBlockStart.gif](http://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockStart.gif?x-oss-process=image/resize,w_1400/format,webp)
3
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
4
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
5
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
6
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
7
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
8
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
9
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
10
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
11
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
12
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
13
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
14
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
15
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
16
![ExpandedSubBlockStart.gif](http://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockStart.gif?x-oss-process=image/resize,w_1400/format,webp)
17
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
18
![ExpandedSubBlockEnd.gif](http://www.cnblogs.com/Images/OutliningIndicators/ExpandedSubBlockEnd.gif?x-oss-process=image/resize,w_1400/format,webp)
19
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
20
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
21
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
22
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
23
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
24
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
25
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
26
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
27
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
28
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
29
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
30
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
31
![InBlock.gif](http://www.cnblogs.com/Images/OutliningIndicators/InBlock.gif?x-oss-process=image/resize,w_1400/format,webp)
32
![ExpandedBlockEnd.gif](http://www.cnblogs.com/Images/OutliningIndicators/ExpandedBlockEnd.gif?x-oss-process=image/resize,w_1400/format,webp)
入门篇就到这里了,安全应用程序块内容比较多,所以有些步骤里面我没有截图,请大家谅解。在进阶篇里面,我会分别介绍认证,授权(包括授权规则),角色,个性化服务,以及严格的帐号管理策略,
Security Cache
,包括第三方的基于数据库角色授权的插件等。
本文转自lihuijun51CTO博客,原文链接:
http://blog.51cto.com/terrylee/67603
,如需转载请自行联系原作者